A 9.8-rated authentication bypass flaw highlights the need for users to install firmware updates, reset factory-admin passwords