Recently I've read about viruses and worms that attack routers and do some nasty things, incl. DNS changes etc. In the beginning, I just read that some people have issues that their DNS server address being substituted for something fake and evil. To me it didn't make sense, 'cos normally only me and my ISP would have access to the router's admin panel. Then I heard that there's a primitive web server operating in the router and that way we get to see web interface of the device's admin panel. And those viruses and worms use the inner server's vulnerabilities. So from what I understood (correct me if I'm wrong here), it's not some hacker sitting somewhere and seeing my login window. Also I read that those types of attacks are pretty rare due to the fact that the virus must be written specifically for a certain type of a device.
Frankly, I feel bad that such an experienced person like me when it comes to computers wasn't even aware of all that. I just happened to read couple of articles recently and they brought my attention to the matter.
So I wanted to hear your comments, suggestions and corrections. Is there something else I should know when it comes to the risks as far as routers are concerned? Here I'm not asking about a remedy. Just want to know the dangers.