Router CVE Lookup

Search an embedded database of 40+ known router vulnerabilities by brand, model, or CVE ID. Each entry includes a CVSS severity score, affected firmware versions, and recommended remediation steps. Use this to check whether your router model has documented security issues.

Search by Brand, Model, or CVE ID

CVE ID	Brand	Model(s)	CVSS	Severity	Description	Fix

What Is a CVE?

CVE (Common Vulnerabilities and Exposures) is a standardized system for identifying and cataloging security vulnerabilities. Each CVE entry has a unique ID (like CVE-2024-3080), a description, and a severity score. For router owners, checking CVEs for your specific model helps you understand whether your device has known security flaws that attackers could exploit.

Routers are high-value targets because they sit at the boundary of your network. A compromised router can intercept all your traffic, redirect DNS queries to malicious servers, and serve as a launching point for attacks on your other devices. Regularly checking for vulnerabilities and updating your firmware is critical.

CVSS Severity Ratings

The Common Vulnerability Scoring System (CVSS) rates vulnerabilities on a scale of 0 to 10. Higher scores indicate more severe vulnerabilities that should be patched immediately:

CVSS Score	Rating	Action Required
9.0 - 10.0	Critical	Patch immediately or take device offline
7.0 - 8.9	High	Patch within 24-48 hours
4.0 - 6.9	Medium	Patch within your normal update cycle
0.1 - 3.9	Low	Patch when convenient

Pro Tip: Do not rely solely on CVSS scores to prioritize patching. A medium-severity vulnerability that is being actively exploited in the wild is more urgent than a critical vulnerability with no known exploit. Check vendor advisories and threat intelligence feeds for exploitation status. Always change your admin password after applying security patches.

Most Commonly Exploited Router Vulnerabilities

Certain vulnerability classes appear repeatedly across router brands. Understanding these patterns helps you assess your risk even if your exact model is not listed above:

Vulnerability Type	Frequency	Typical Impact	Prevention
Command Injection	Very Common	Full device compromise (RCE)	Update firmware, disable remote management
Authentication Bypass	Common	Unauthorized admin access	Strong password, restrict admin to LAN
Buffer Overflow	Common	Remote code execution	Firmware updates, disable unused services
Default Credentials	Very Common	Full device access	Change passwords on first login
Path Traversal	Common	Config/credential disclosure	Update firmware, restrict web access

What to Do If Your Router Is Vulnerable

If you find your router model in the database above, take these steps in order of priority:

Check your firmware version — Log in to your router at 192.168.1.1 and compare your version against the fix recommendation.
Update firmware immediately — Follow our firmware update guide to install the latest version.
Disable remote management — If the vulnerability involves the web interface, ensure admin access is restricted to LAN connections only.
Change all credentials — Update your admin password and WiFi password using our Password Generator.
Disable unused services — Turn off UPnP, WPS, and any other services you do not actively use.
Consider replacement — If the device is end-of-life with no patch available, replace it with a supported model.
Monitor your network — Use our Port Checker to verify no unexpected ports are open.

Note: This database contains a curated selection of notable router and network device vulnerabilities. It is not exhaustive — new CVEs are published daily. For comprehensive vulnerability tracking, consult the National Vulnerability Database (NVD) and subscribe to your router manufacturer's security advisories.

End-of-Life Routers: A Hidden Danger

Many of the CVEs in our database affect routers that have reached end of life (EOL) — meaning the manufacturer no longer provides security updates. Running an EOL router is one of the biggest security risks for a home network, yet millions of devices remain in use worldwide.

If your router has not received a firmware update in over two years, it is likely EOL. Upgrade to a supported model that receives regular security patches. Modern routers with WPA3 support and active firmware development provide significantly better security. Consider models that support WPA3 encryption and built-in VPN capabilities.

Securing Your Router Against Known Threats

Beyond patching specific CVEs, these proactive measures protect against both known and unknown vulnerabilities:

Enable automatic updates — Many modern routers support automatic firmware updates. Enable this feature.
Use strong encryption — Enable WPA3 or WPA2-AES for your WiFi. Never use WEP or WPA-TKIP.
Segment your network — Put IoT devices on a separate network so a compromised device cannot reach your main computers.
Use encrypted DNS — DNS over HTTPS prevents DNS manipulation even if an attacker gains partial router access.
Disable WPS — WPS is a known vulnerability vector and should always be disabled.
Monitor open ports — Regularly check with our Port Checker to ensure no unexpected services are exposed.

Key Takeaways

CVEs are standardized vulnerability identifiers — check your router model regularly against known CVEs.
Critical vulnerabilities (CVSS 9.0+) require immediate patching or taking the device offline.
Command injection and authentication bypass are the most common router vulnerability types.
End-of-life routers with no available patches should be replaced with supported models.
Combine firmware updates with strong passwords, WPA3 encryption, and network segmentation.
Subscribe to your manufacturer's security advisories for timely CVE notifications.

Video: Router Security Vulnerabilities Explained

Related Guides

Frequently Asked Questions

How do I find my router's firmware version?

Log in to your router admin panel (usually at 192.168.1.1) and look for a section labeled "Firmware Version," "System Information," or "Status." The version number is typically shown on the main dashboard. See our router login guide if you need help accessing the admin panel.

What if my router model is not in this database?

This database covers notable vulnerabilities but is not exhaustive. Search your router model on the National Vulnerability Database (NVD) or check your manufacturer's security advisories page. The absence of a CVE does not mean your router is secure — it may have undisclosed vulnerabilities.

Can I be hacked through a router vulnerability?

Yes. Router vulnerabilities are actively exploited by botnets, state-sponsored actors, and cybercriminals. Critical vulnerabilities like authentication bypass and RCE can give attackers full control of your router and access to all network traffic. This is why firmware updates are essential.

How often should I check for router CVEs?

Check at least quarterly, or whenever a major vulnerability makes the news. Subscribe to your router manufacturer's security mailing list for automatic notifications. Also check after any unusual network behavior like unexpected DNS changes or slow performance.

What does "end of life" mean for my router?

End of life means the manufacturer no longer provides firmware updates, security patches, or technical support. Any new vulnerabilities discovered will never be fixed. If your router is EOL, replace it with a currently supported model to maintain security.

Should I disable remote management?

Yes. Remote management (accessing the router admin panel from the WAN/internet side) is the most common attack vector for router CVEs. Unless you specifically need it, disable remote management and only access the admin panel from your local network.

Is my ISP-provided router vulnerable?

ISP-provided gateways can be vulnerable. ISPs are responsible for pushing firmware updates, but they are often slow to patch. Check our database for your ISP gateway model. If vulnerabilities are found and no update is available, consider using your ISP gateway in bridge mode with your own router for better security.

About Tommy N.

Tommy is the founder of RouterHax and a network engineer with 10+ years of experience in home and enterprise networking. He specializes in router configuration, WiFi optimization, and network security. When not writing guides, he's testing the latest mesh WiFi systems and helping readers troubleshoot their home networks.