I found an exploit for the Linksys WRT54G/S. http://seclists.org/lists/fulldisclosure/2005/Oct/0329.html <-- discovery http://seclists.org/lists/fulldisclosure/2005/Oct/0373.html <-- confirmation