Popular Belkin Wi-Fi routers plagued by unpatched security flaws
http://www.computerworld.com/article/2978183/security/popular-belkin-wi-fi-routers-plagued-by-unpatched-security-flaws.html
If your Wi-Fi network is using the popular Belkin N600 DB router, be warned: It may have several vulnerabilities that could allow hackers to take it over.
Remote unauthenticated attackers could exploit the vulnerabilities to spoof DNS (Domain Name System) responses and direct users to rogue websites or trick users' browsers to change the device configuration, the CERT Coordination Center (CERT/CC) at Carnegie Mellon University said Monday in an advisory.
Furthermore, attackers with access to the local area network could bypass an affected router's authentication and take complete control over it, CERT/CC said.
Exploiting some of the vulnerabilities requires attackers to be in a man-in-the-middle position between the router and its DNS servers or Belkin's update servers. However, other flaws can be exploited by tricking users on the local network to visit specially crafted Web pages or by infecting their computers with malware.
*end of excerpt*
My understanding is, many other consumer routers have vulnerabilities. This is one of the reasons I use DD-WRT for my router firmware. There are
others.