To cite one important piece of literature: „Don’t panic“. While the flaw is serious and it will be patched, it has somewhat lower impact on your router than on a shared hosting, for example.
The flaw allows an ordinary user to gain administrative privileges. It is a local attack. However, by default, there are no ordinary users on the router in the first place. So you would either have to give some bad guy shell access or the bad guy would need to crack some other service exposed to the Internet to get in first (and, considering TurrisOS being derived from OpenWRT and most things already run with administrative privileges, this attack wouldn’t be needed after that). No services are made available in the default configuration to the outside Internet.
We do take it seriously and we’ll release the fix soon (no concrete schedule is set yet, though), but unless you made some serious changes to the configuration, you’re safe from this problem.
If you really insist on running shared shell hosting on your router, then you could migrate to the nightly branch, however things may (and do) break there, so I won’t post the guide how to do that here.