Mentor ADSL-FR4II router running firmware 2.00.0111 has an undocumented web server running on TCP port 5678, which allows local users to gain access.

Mentor ADSL-FR4II router running firmware 2.00.0111 stores the web administration password in cleartext in the backup configuration file, which allows local users to obtain sensitive information.

Mentor ADSL-FR4II router running firmware 2.00.0111 allows remote attackers to cause a denial of service (active TCP connections state table consumption) via a large number of connections, such as a port scan.

Acrowave AAP-3100AR wireless router allows remote attackers to bypass authentication by pressing CTRL-C at the username or password prompt in a telnet session, which causes the shell to crash and restart, then leave the user in the new shell.

The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and possibly other products, allows remote attackers to read arbitrary files via a full pathname in the HTTP request.

Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) root, (2) admin, or (3) user users, which allows remote attackers to gain privileges via Telnet or an HTTP request to adsl.cgi.

The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and password, which also appear as the default login text for the management interface, which allows remote attackers to gain access.

Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL.

The HTTP administration interface on Conceptronic CADSLR1 ADSL router running firmware 3.04n allows remote attackers to cause a denial of service (device reboot) via an HTTP request with a long username.

The BT Voyager 2000 Wireless ADSL Router has a default public SNMP community name, which allows remote attackers to obtain sensitive information such as the password, which is stored in plaintext.