The list of devices affected has grown and there is no end in sight yet. For a more current list:
"Courtesy of Cisco Talos, here’s a current list of the models that can be affected by VPNFilter. Those identified as new weren’t included in the original report.
Asus
RT-AC66U (new)
RT-N10 (new)
RT-N10E (new)
RT-N10U (new)
RT-N56U (new)
RT-N66U (new)
D-Link
DES-1210-08P (new)
DIR-300 (new)
DIR-300A (new)
DSR-250N (new)
DSR-500N (new)
DSR-1000 (new)
DSR-1000N (new)
Huawei
HG8245 (new)
Linksys
E1200
E2500
E3000 (new)
E3200 (new)
E4200 (new)
RV082 (new)
WRVS4400N
Mikrotik
CCR1009 (new)
CCR1016
CCR1036
CCR1072
CRS109 (new)
CRS112 (new)
CRS125 (new)
RB411 (new)
RB450 (new)
RB750 (new)
RB911 (new)
RB921 (new)
RB941 (new)
RB951 (new)
RB952 (new)
RB960 (new)
RB962 (new)
RB1100 (new)
RB1200 (new)
RB2011 (new)
RB3011 (new)
RB Groove (new)
RB Omnitik (new)
STX5 (new)
Netgear
DG834 (new)
DGN1000 (new)
DGN2200
DGN3500 (new)
FVS318N (new)
MBRN3000 (new)
R6400
R7000
R8000
WNR1000
WNR2000
WNR2200 (new)
WNR4000 (new)
WNDR3700 (new)
WNDR4000 (new)
WNDR4300 (new)
WNDR4300-TN (new)
UTM50 (new)
Qnap
TS251
TS439 Pro
Other QNAP NAS devices running QTS software
TP-Link
R600VPN
TL-WR741ND (new)
TL-WR841N (new)
Ubiquiti
NSM2 (new)
PBE M5 (new)
Upvel
Unknown models (new)
ZTE
ZXHN H108N (new)"
A Factory Reset is now the recommended fix, before doing that be sure to write down the settings you will need to re-input after the reset. These include Wireless Network names (SSIDs) and passwords, make sure they are correctly copied as even a mis-inserted space can mean a lot of extra work in re-setting up wireless devices. As the list is not yet final, if you are at all concerned about the security of your device even if it is not on the current list you are welcome to carry out a Factory Reset as a precaution. No Cisco devices have yet been identified as being affected.
After the Factory Reset, ensure you at least change the password to access the device from the default one to something secure, and it is better to also change the user name to access the device from the default, which is likely to be something like admin, Admin, Administrator or similar.
The malware has now been ascertained to be able to stage man in the middle insertion of malicious code into web pages as they pass through the router/modem or network connected device.
For a more thorough read of the detail: