Eloi Vanderbeken, a hacker and reverse-engineer from France, has discovered an administration password reset vulnerability in many Netgear and Linksys routers.
He described the complete details of this serious vulnerability in the slides above. After his post, other hackers around the world did further research, which shows that these devices are made by Sercomm, meaning that Cisco, WatchGuard, Belkin and various others may be affected as well. The complete list of vulnerable devices is available in his GitHub post and includes the Linksys WAG200G, Netgear DM111Pv2, Linksys WAG320N, Linksys WAG54G2, DGN1000 Netgear N150 and many more.
A Python-based exploit script is also available for download.
Update: To perform this attack, an attacker must be part of the router's network. However, according to Shodan searches (Search-1 and Search-2), there are also more than 2000 vulnerable routers reachable on the Internet.