Netgear WNR1000v3 routers suffer from a flaw in the password recovery flow that allows for disclosure of the plaintext router credentials. The flaw was reported to Netgear in April of 2013 and the vendor has yet to issue a patch. Included is a proof of concept exploit.
10ceab3cf4e7cbcfbcc0663fea13a84947509762cb859ef415f65fff661f9866