"Is it serious? Yes it definitely is," said Jonathan Wu, senior director of product management at Netgear, one of the top three router brands in the US.
"Because whenever anybody gets access to your router, they can alter settings to direct traffic to places you don't want it to go to."
However, Mr Wu added that attackers would have to get access to the network first and then guess the admin password.
Mr Giron thinks that in his case, access was gained because his router settings had been configured so that they could be accessed remotely."
So..where's the exploit? The owner chose to configure their router so that it was visible from the WAN then someone else guessed the password and reconfigured the DNS settings.
Possibly it's just a badly written article but I don't see anything here that needs a firmware update.