An upcoming presentation at the Black Hat security conference later this month will reportedly demonstrate how millions of household routers, from popular brands such as Netgear, Linksys, and Belkin, suffer from a vulnerability that allows hackers to intercept and redirect traffic as well as access computers on a local network. The flaw was discovered by Maryland-based security consultancy Seismic and exploiting it involves an old a technique called DNS rebinding.
By visiting a maliciously crafted website, vulnerable routers can be tricked into giving up a visitor's IP address as if it were a secondary IP address for that site. This in turn allows the router's administrative front-end to be compromised, enabling hackers to gather information from the router, monitor traffic, and access machines on the victim's network. Though these router front-ends are normally password-protected, most people don't bother changing the default passwords, and even when they do, security flaws within the front-end may allow the password to be bypassed anyway.
Modern browsers offer some level of protection against such attacks, but not with this particular scenario -- for reasons that are due to be explained at the Black Hat conference. The researchers claim these vulnerabilities have been known for a while, which is why they've announced plans to release a proof-of-concept tool that will facilitate such attacks, with hopes that browser writers and router vendors will finally come around fixing the issue.
A list of vulnerable routers tested so far can be found here -- the last column indicates whether the specific router listed is prone to this sort of attack or not. While we wait for more details to become available, Notebooks.com lists some possible workarounds such as updating your router's firmware and using strong passwords.