Please tell me I am wrong. I tried to see if there was a "secret" (hidden, not-documented) DHCP reservation page in my WRT54G v5. I am running current latest, official Linksys firmware v1.00.9. So I pointed my browser to: http://local_ip/dhcp_reserved.asp First, I was surprised to get a clear text webpage (after authenticating) that provides this: name="router_name" size="20" value='my_actual_router_name_was_here' value="wpa_personal" selected> size=32 name=wl_wpa_psk value='my_actual_wpa_key_was_here' maxlength=64> value="mixed" selected> Uhm. Ok. Well, not a major security flaw considering that one has to authenticate in order to get it. BUT. I purposedly went to other browser (Safari, originally, but it works with Firefox in Linux and MacOS X, and Camino too) and went to the main URL: http://192.168.0.1 (or whatever) The authentication window comes up. Typed "admin" for the username field. Typed a really long password for the password field (like more than 256 characters). The router reboots instantly, killing Internet, Ethernet and Wireless connectivity. I contacted Linksys (live chat) and they did not seem to be interested at all. Did anyone know this? Can someone else try it? Imagine if you have remote webadmin enabled. Not cool. One more reason (like there were few) to move to OpenWRT/DD-WRT. Regards.