Do we need to factory reset our routers, and reset names and passwords etc like this article suggests? I hope not, that would be a huge pain.
New Critical Password Warning—86% Of All Router Users Need To Act Now
To be honest the article suggests this:
as for vulnerabilities... I don't think they are severe enough someone from the wan side can remotely attack it.
the vulnerable ones are the ones being local, but if you use strong generated passwords you will greatly reduce the attack surface, also for wireless, since often they try to crack it with a password list, or rainbow tables.
Things like krack, kr00k, dragonblood is already patched or semi patched in OpenWrt for wifi, against deauthing you can use wpa2+802.11w (managed frame protection), or wpa3 which defaults it.
If you are advanced you could isolate groups of devices, or even wifi via multipsk and block the web part of the router for these isolated networks, this is what i do currently but it may break gl logic.
I dont think gl suffers from big threats 
1 Like
No, this isn't true for GL.iNet since the UI will force you to set a password as soon as you start
Since the router does not really support auto-setup by your ISP (and will never shipped by ISP as well) this isn't something you might worry about.
1 Like
Ok. Phew! 
Thanks for responding!