D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set factory default settings by upgrading the firmware using AirPlus Access Point Manager.
https://exchange.xforce.ibmcloud.com/vulnerabilities/11074
http://www.securitytracker.com/id?1005926
http://www.securityfocus.com/bid/6609