The risk is very low, bordering zero. The previous owner may have installed a custom firmware or changed its configuration, but a firmware upgrade and factory reset is enough to take care of almost every change.

The risk that the previous owner tampered with the router and his changes can survive even a firmware upgrade and factory reset is negligible.

So, don't worry, unless you are a person of special interest: working on top-secret stuff or have privileged financial information on a big enterprise. But as you are buying a used router, I bet you are a common guy and would not be a target for those attacks.

Short answer: do a factory reset, update the firmware, and you are good to go.

The risk is very low, bordering zero. The previous owner may have installed a custom firmware or changed its configuration, but a firmware upgrade and factory reset is enough to take care of almost every change.

The risk that the previous owner tampered with the router and his changes can survive even a firmware upgrade and factory reset is negligible.

So, don't worry, unless you are a person of special interest: working on top-secret stuff or have privileged financial information on a big enterprise. But as you are buying a used router, I bet you are a common guy and would not be a target for those attacks.