"A quick Christmas hack uncovers a vulnerability in Linksys, Netgear, others."
A hacker has found a backdoor to wireless combination router/DSL modems that could allow an attacker to reset the router's configuration and gain access to the administrative control panel. The attack, confirmed to work on several Linksys and Netgear DSL modems, exploits an open port accessible over the wireless local network.
The backdoor requires that the attacker be on the local network, so this isn't something that could be used to remotely attack DSL users. However, it could be used to commandeer a wireless access point and allow an attacker to get unfettered access to local network resources. Update: Vanderbeken reports some routers have the backdoor open to the Internet side as well, leaving them vulnerable to remote attack.
Continued : http://arstechnica.com/security/2014/01/backdoor-in-wireless-dsl-routers-lets-attacker-reset-router-get-admin/
Hacker backdoors Linksys, Netgear, Cisco and other routers
Critical backdoor in Linksys and Netgear routers found