Hackernews has another story about exploited devices: Archer routers
This router the Archer TP link 
“The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet,” security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with The Hacker News.”
As mentioned previously RCE is very bad – Remote Code Execution
That means if the device is on the network (which is the function of routers – to route internet traffic) then it can be exploited.
One has to upgrade to latest firmware (if possible) or disconnect/ replace. It is that dangerous!!
Performing periodic Risk assessments is a good idea. It is too late for you to uncover an exploit by showing the results of a hack. It is better for a risk assessment to uncover these items and then they can be mitigated.
Contact to discuss