Many years ago I went hunting for CSRF attacks in SOHO routers and found it in all of them. Most of them completely ignored me when I reported it, one accused me of accessing an internal dev-only version (when it was simply in the office of a friend of my boss). Checkpoint followed through like professionals.
(To be fair, I was working at a place selling all-in-one firewalls to SMB, so many of those boxes were our competitors.)
(To be fair, I was working at a place selling all-in-one firewalls to SMB, so many of those boxes were our competitors.)