"So we managed to change passwords for both ssh and telnet, gain access to Root user for the web interface, changed that password too. We changed ACS URL to ours and remove the IP restrictions. To put it simply, we cleaned up our router from our ISP. Good for our privacy."
You forgot this bit of the summary, which I think is more interesting!
"Still there is an authorized ssh key left in the firmware but for now it’s enough that we’re keeping the ISP out. Maybe in the future, we can repack the firmware with our configuration and keys and install it on the router. For now, take care!"
Part 2: https://0x90.psaux.io/2020/03/19/Taking-Back-What-Is-Already...
And 3: https://0x90.psaux.io/2020/03/22/Taking-Back-What-Is-Already...
Summary from the end of Part 3:
"So we managed to change passwords for both ssh and telnet, gain access to Root user for the web interface, changed that password too. We changed ACS URL to ours and remove the IP restrictions. To put it simply, we cleaned up our router from our ISP. Good for our privacy."