T-Com Speedport 500V routers with firmware 1.31 allow remote attackers to bypass authentication and reconfigure the device via a LOGINKEY=TECOM cookie value.
osvdb.org/32995
secunia.com/advisories/23853
www.securityfocus.com/archive/1/457453/100/0/threaded
www.securityfocus.com/archive/1/457645/100/0/threaded
www.securityfocus.com/archive/1/457656/100/0/threaded
www.securityfocus.com/archive/1/460319/100/0/threaded
www.securityfocus.com/bid/22160
exchange.xforce.ibmcloud.com/vulnerabilities/31621