Here is a link to a ZDnet article about this exploit: http://news.zdnet.com/2100-1009_22-6159938.html
Here are links to the Indiana University report about the exploit: http://www.cs.indiana.edu/cgi-bin/techreports/TRNNN.cgi?trnum=TR641
- the abstract (summary)http://www.cs.indiana.edu/pub/techreports/TR641.pdf
- the details
Note that the report has not yet been published. I would take this one seriously, as Linux boxes can likely be used to mess up a router via malicious sites. The bottom line is to lock down your router by changing the default password on it.