man, they missed a golden opportunity at expanding their botnet by not making the worm to also support routers with ARM chips... i bought last year in December a sweex LW300 ( www.sweex.com/LW300 ) wireless-n router and found that it comes with an open-root telnet shell terminal (accessible from the internal network) that cannot be secured at all with a password even if you configure one for the web interface. I returned that *thing* to the store the next day and got another brand instead.

I got in touch with the guys at sweex and a guy named Tim van Wegberg (tim at sweexdotcom) replied to me that (quote from his message) "There is no new firmware available for this router because there are no known severe issues with the current firmware."

telnet with open root shell access available to anyone on the internal network (including open wireless if so configured) is not a severe issue? ROFLMAO.

and for reference, here's some info on the router:
kernel build id:
Linux (none) 2.6.17 #832 Tue Dec 4 15:39:35 CST 2007 armv5tejl unknown

and a contents of /proc/cpuinfo
Processor : ARM926EJ-Sid(wb) rev 5 (v5l)
BogoMIPS : 285.90
Features : swp half fastmult edsp java
CPU implementer : 0x41
CPU architecture: 5TEJ
CPU variant : 0x0
CPU part : 0x926
CPU revision : 5
Cache type : write-back
Cache clean : cp15 c7 ops
Cache lockdown : format C
Cache format : Harvard
I size : 16384
I assoc : 4
I line length : 32
I sets : 128
D size : 16384
D assoc : 4
D line length : 32
D sets : 128
Hardware : 5VT13XX

Yeah it never made sense to me as to why use embedded Linux when the BSD license is way better.

Because if its something else it will get hacked into.

Monowall for life.