A lazy installer will open the front door.

[DelJo63]

Found this comment

Internet routers running the Tomato alternative firmware are under active attack by a self-propagating exploit that searches for devices using default credentials. When credentials are found, the exploit then makes the routers part of a botnet that’s used in a host of online attacks, researchers said on Tuesday.

DUH!! Of course any router still running with default settings and admin password will get attacked. BTW, that's also how the Ring Doorbell and those baby monitors gets hacked