Multiple serious vulnerabilities were discovered that can be exploited by unauthorized, unauthenticated attackers, resulting in root-level access to the F9K1124 router and complete control over the local network.
Report #1: Exploitation via the guest WiFi network. (Published: June 2017)
Report #2: How both local and remote attackers can exercise unauthenticated command injection to take control of the network. (Published: July 2017)
Report #3: A signed firmware modification to allow an unauthorized, permanent firmware backdoor. (Published: August 2017)