I wonder how this would hold up in court, couldn't you argue that routers are generally buggy, how can they force any responsibility if they can easily be hacked?
Germany has some sensible laws about personal responsibility, like it being an offence to run out of gas on the autobahn and seriously treating driving in general as a privilege. But it requires a certain cultural mindset.
The “old” Motorola router division Motorola Home got sold to Arris _without_ the brand name in 2013, and then the brand name went to Zoom in 2016. Zoom merged with another vendor called Minim, went bankrupt in 2023, and the assets were bought by a company called e2Companies in 2024.
So e2Companies is who the author should email, but good luck. I’m shocked these were even “maintained” until 2024.
>vender doesn’t want to fix it
Sometimes I wonder if the white hat hackers who find such a thing should just take it a step further and patch those hosts. Take the firmware, fix those bugs and update those 42 routers.
But it’s definitely not white hat.
https://www.zdnet.com/article/a-mysterious-grey-hat-is-patch...
A search of "router/firmware/query.aspx" leads me to D-Link endpoints who also uses the "wrpd" subdomain.