D-Link Router Backdoor
Several versions of D-Link router firmware contain a backdoor. Just set the browser’s user agent string to “xmlset_roodkcableoj28840ybtide,” and you’re in. (Hint, remove the number and read it backwards.)
It was probably put there for debugging purposes, but has all sorts of applications for surveillance.
Good article on the subject.
EDITED TO ADD (11/14): There are open-source programs available to replace the firmware.