ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote malicious users to bypass authentication.
arris vap2500 firmware