This paper by Zachary Cutlip details the process of reverse engineering a British Telecom HomeHub 3.0b firmware and remotely exploiting the router. The BT HomeHub 3.0b is customer premise equipment (CPE) purpose-built for BT’s consumer broadband service..
Download the paper from here – https://s3.amazonaws.com/zcutlip_storage/BT%20HomeHub3.0b%2044Con%20%28Zachary%20Cutlip%29.pdf