This could allow attacker(in your lan) to exhaust all available CPU and crash the kernel via a flood of ICMP packets with forged source IP addresses associated with the public Internet without fast connection. If you launch the exploit with local IP addresses, the router can handle the connections.
Please run the exploit and watch how your device will be crashed in less than 3 seconds and after that please run it on another router or firewall with default security configurations that exist in the market such as cisco or etc and watch how they can handle this situation.
Blocking the protocol or buying another router with more resources are not a solution, you should change the kernel's parameters such as other linux kernel or devices for this security situations.
Any devices need a basic security configuration before introducing to the market or you should block any protocol by default and let the admins open them if it's necessary.
You said "Somebody is opening many connections and watching how the CPU rises". Please check this link for understanding the ICMP Flood attack.
https://www.juniper.net/documentation/e ... nding.html
This is another exploit that an unathenticated remote attacker can exhaust all your available CPU for a long time by sending a simple carfted request(less than 300KB) to your router:
I sent the video of this attack to you and you answered you should have a firewall but as you know it is not depends on the firewall and it's about parsing the request because the router can handle the huge request and you saw this on that video.
I will not continue this conversation because anything that I have reported to you by the email during the recent year are answered like this comment that you wrote here.
Your company is one of the best and many organizations are using your products. If I reported anything to you, it was about improving the security. These simple attacks could be a big problem for the organizations that using your products.