Firmware Version: V18.104.22.168PRRU
Open your browser and open
http://<your router IP>/BRS_02_genieHelp.html
Select one of the Radio buttons, and you will bypass the router authentication.
Edit your config freely in case you forgot your password and you even don't need to press the RESET button.
However, it's more like a bug not a backdoor. Who will write an user-friendly GUI for a backdoor? :)
There is also a injection vulnerability.
http://<your router IP>/ping6_traceroute6_hidden_info.htm and enter
`reboot` in the box called
ping6 to, you can successfully reboot your router. This page requires authentication in V22.214.171.124PRRU. But in previous version of firmware, this page doesn't need authentication so crackers can use this page to obtain root privilege of your router.
You can get update from
ftp://download.netgear.com.cn:8084 to fix problems mentioned above.