SMC broadband routers ship with remote administration enabled by default on port 1900 on the WAN side of the router. Hitting the external IP address on port 1900 and clicking Login allows a malicious attacker to gain full access to the device. Tested against model 7008ABR and 7004VBR.
3eee3cdb3e0331844cad85a831f6ec24d5f5d0c1e6400811a41972102e98b154