source: https://www.securityfocus.com/bid/36031/info
Multiple 2Wire routers are prone to an access-validation vulnerability because they fail to adequately authenticate users before performing certain actions.
Unauthenticated attackers can leverage this issue to change the router's administrative password. Successful attacks will completely compromise affected devices.
2Wire routers prior to Firmware version 5.29.135.5 are vulnerable.
The following example URIs are available:
http://gateway.example.net?xslt?page=CD35_SETUP_01
http://gateway.example.net/xslt?PAGE=CD35_SETUP_01_POST&password1=*Ax512*&password2=*Ax512*