The Ericsson HM220dp DSL modem/router provides no authentication for his Web Administration panel. So, a malicious user can access the panel and change settings on a local network. I discovered another serious implication of this bug: the vulnerability can be exploited also throughout a web page, this means that a script contained in a malicious web site (or e-mail) can modify the modem configuration; is also possible to interrupt the modem connection. Enjoy IT!