The Router Is Not a Passive Device - It's the Attack Surface

The Router Is Not a Passive Device - It's the Attack Surface Routers with default credentials and unpatched firmware are accessible from the internet in multiple deployments across organizations. These devices allow remote access to internal network data without authentication. No evidence of detection exists in monitored environments. The vulnerability is tied to a publicly disclosed CVE (CVE-2025-6843), rated as high severity due to its ability to bypass authentication through a hardcoded back