[btach]

The setup I have for my shop is a tiny computer with OpnSense with the LAN port connected to a 5-port switch. I have an old wifi router with OpenWRT installed put in switch mode for wifi access to that network (plus extra ethernet ports). I was thinking of looking into putting my cable modem/router into modem-only mode and using a different router like I have in my shop for the local network.

My question is this: If there were vulnerabilities in my modem/router firmware, does putting it in modem-only mode and using a separate router/switch mitigate them? Does it depend on the specific vulnerability?

[estaseuropano]

Just wondering: is yours a security or cost concern? For instance it strikes me that running three devices all day for 3-4 years (assuming that the devices themselves were free or cheap) might well cost the same as a single modern router costs in purchase+energy cost over the same period.