Linksys wireless router is open to attacks
Russ McRee of HolisticInfoSec.org reports that Cisco's Linksys WRT160N wireless router is vulnerable to cross-site request forgery attacks. If you visit a site that contains an exploit targeted at the WRT160N while signed into the device's management app, the exploit can modify your router settings. (An article by the Open Web Application Security Project describes the mechanics of cross-site request forgery attacks.)
According to McRee, the problem definitely exists in hardware version 1 and firmware version 1.02.2. Although Cisco has released newer versions of the router, the company hasn't said whether the same exploit affects the newer devices. Meanwhile, we have to assume that it does.
Your defense against the vulnerability is to make certain that you don't visit any Web sites while managing your WRT160N. You need to log out of your router once you finish your management tasks — which you should do, even when there aren't any known exploits targeting a particular router.
Be sure to check Cisco's WRT160N software download page and watch for a newer version of the router's firmware.