Personal Fav. #3:
Auth bypass + WAN web interface
çNo interaction required from victim admin
çUsually simple to exploit. i.e.:
¼knowledge of “authenticated” URL
¼Replay request that changes admin setting
ç