Three of the issues would allow an attacker to take over your router from inside your LAN (not externally). Only one of the issues is an RCE that would usually be exploitable from outside your LAN, and there's some debate as to how hard that one would be to exploit. It might be as simple as getting you to visit a web page, but the published proof of concept would require something like tricking you into manually running a query via the command line or some other administrative tool.