[原文]LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm.
Linksys Etherfast BEFSR41 routers contain a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plaintext ISP account username/password combinations when accessing the index.htm page from the hardware management interface. This may lead to a loss of confidentiality, integrity and/or availability.
Upgrade to firmware version 1.39.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.