If you are using a SOHO router, you are likely to have either 192.168.0.1 or 192.168.1.0 as the default page for configuring network settings. The address at which the router resides is known as the default gateway. Other network devices use similar addresses as the default location for their configuration pages. Since they are universally used default IP addresses, threat actors that have infiltrated your network know to search those addresses for potential access to network settings. If this vulnerability is combined with the use of default network device credentials, a threat actor can compromise your network configuration with no effort. Accessing configuration pages allows them to pivot to a very highly privileged system. You can't get much more privileged than getting high-level admin access to the settings that manage your entire network. To mitigate this risk, change the IP address of your default gateway interface to a random IP on your network, like 192.168.0.43, for example. This procedure should be applied to all devices and services that advertise configuration portals on the network.
