The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled.
https://exchange.xforce.ibmcloud.com/vulnerabilities/16274
http://www.securityfocus.com/bid/10441
http://www.securityfocus.com/archive/1/365227/30/0/threaded
http://www.securityfocus.com/archive/1/365175
http://www.nwfusion.com/news/2004/0607confuse.html
http://web.archive.org/web/20040823075750/http://www.linksys.com/download/firmware.asp?fwid=201
http://secunia.com/advisories/11754
http://archives.neohapsis.com/archives/bugtraq/2004-06/0190.html
http://archives.neohapsis.com/archives/bugtraq/2004-06/0020.html
http://archives.neohapsis.com/archives/bugtraq/2004-06/0002.html
http://archives.neohapsis.com/archives/bugtraq/2004-05/0316.html