http://blogs.forbes.com/firewall ... erable-to-web-hack/
One comfort for users may be that Heffner\'s method still requires the attacker to compromise the victim\'s router after gaining access to his or her network. But that can be accomplished by using a vulnerability in the device\'s software or by simply trying the default login password. Only a tiny fraction of users actually change their router\'s login settings, says Heffner. "Routers are usually poorly configured and have vulnerabilities," he says. "So the trick isn\'t how to exploit the router. It\'s how to get access to it."
