Backdoor Found In D-Link Consumer Routers
I'm surprised someone has not flagged this up yet (unless none of you are using D-Link of course).
If you have a D-Link router I suggest you read this article from the BBC here: BBC News - Backdoor found in D-Link home routers
Apparently there will be a fix by the end of October.
The backdoor was discovered by security researcher Craig Heffner, who reverse-engineered the software used to control a D-Link DIR-100 router. Deep analysis of the code revealed a string of letters that, if used in the right way, unlocked remote access to the gadget.Writing about his findings on his blog, Mr Heffner speculated that the password string was included to make it easier for D-Link to remotely update some of its products. The same string has been found to work on seven D-Link routers (DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+ and the TM-G5240) and two from Planex (BRL-04UR and BRL-04CW).