The default IP addresses are just as bad
Most routers sit on 192.168.1.1 or 192.168.0.1 by default. A small number are on 192.168.1.254. And Belkins are (used to be) on 192.168.2.1.
This makes it trivial to send commands to the routers from a web page from the user's own PC from within the LAN. Visit a website, and it could well be issuing a command to your router using plain old HTML.
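Seen from the router's side, the defence is to refuse state-changing requests that a foreign page caused the browser to send. The sketch below is an added example, not part of the original post or any vendor's firmware; `check_admin_request`, `ADMIN_HOSTS` and the token parameters are hypothetical names, and it assumes the admin UI never changes settings on GET.

```python
import hmac
from urllib.parse import urlsplit

# Default admin addresses named in the text above (assumption: a real
# device would list only its own configured LAN address here).
ADMIN_HOSTS = {"192.168.1.1", "192.168.0.1", "192.168.1.254", "192.168.2.1"}
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def _host_of(value):
    """Return the lowercase hostname of a URL or Host header value, or None."""
    if not value:
        return None
    if "://" not in value:
        value = "//" + value  # lets urlsplit parse a bare "host:port"
    try:
        return (urlsplit(value).hostname or "").lower() or None
    except ValueError:
        return None


def check_admin_request(method, headers, session_token, form_token):
    """Decide whether the admin UI should act on a request.

    Returns (allowed, reason). session_token is the CSRF token stored with
    the logged-in session; form_token is the one submitted with the request.
    """
    h = {k.lower(): v for k, v in headers.items()}
    host = _host_of(h.get("host"))
    # A Host header naming anything but the router itself means the browser
    # was pointed here under another name (for example by DNS rebinding).
    if host not in ADMIN_HOSTS:
        return False, "unexpected Host header"
    if method.upper() not in STATE_CHANGING:
        return True, "read-only request"
    # Browsers attach Origin (or Referer) to cross-site form posts; if either
    # is present it must name the router, not the page the user is visiting.
    source = h.get("origin") or h.get("referer")
    if source is not None and _host_of(source) != host:
        return False, "cross-site origin"
    # The per-session token is what a foreign page cannot read or guess.
    if not session_token or not form_token or not hmac.compare_digest(
        session_token.encode(), form_token.encode()
    ):
        return False, "missing or wrong CSRF token"
    return True, "ok"
```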