ALERT: Recommendation is to stay away, as security is taken very lightly.
Many Netgear routers have a remote authentication bypass bug.
This means malware or miscreants that are on your network, or anyone else is able to reach the device's web-based configuration interface, can gain control without having to provide a password.
Just stick the following in the URL to gain full access:
&genie=1
NOTE: The genie_restoring.cgi script, provided by the box's built-in web server, can be abused to extract files and passwords from its filesystem in flash storage – it can even be used to pull files from USB sticks plugged into the router.
Pressing the Wi-Fi Protected Setup button, many of Netgear's routers open up a two-minute window during which an attacker can potentially execute arbitrary code on the router as root over the air.