Today I am publishing 5 Linksys router vulnerabilities so that consumers may be aware of the risks.
linksys vulns.txt

via Don’t Use Linksys Routers « Superevr.

I run a WRT54GL in my network but installed tomato on it because I never liked the linksys GUI and wanted to try out tomato.  Here’s his take on the WRT54GL:

1. Linksys WRT54GL Firmware Upload CSRF Vulnerability
I demonstrate Cross-Site File Upload in my BlackHat and AppSec USA talks. If you need more info on the vector itself, check out How to upload arbitrary file contents cross-domain by Kotowicz.

I suspect these kind of exploits exist in all consumer grade routers.