Deutsche Telekom (T-com) Speedport W 700v uses JavaScript delays for invalid authentication attempts to the CGI script, which allows remote attackers to bypass the delays and conduct brute-force attacks via direct calls to the authentication CGI script.
https://exchange.xforce.ibmcloud.com/vulnerabilities/34334
http://www.securityfocus.com/bid/23967
http://www.securityfocus.com/archive/1/468361/100/0/threaded
http://www.devtarget.org/speedport700-advisory-05-2007.txt
http://securityreason.com/securityalert/2705