Today, another forum user let me poke around his router's UI over the internet. That is, he allowed me to access his device from outside of his internal, protected network.
He has installed the 2.0.0.7 version of the firmware, and while the UI is a lot more functional than its predecessor, it is fundamentally insecure.
If you follow the link below, you will find a short (2-minute) screencast of how to bypass authentication with the 2.0.0.7 management interface:
ASUS WL-700gE UI Authentication Bypass
This is the worst security model I've ever seen implemented. It's absolutely ridiculous. Under no circumstances should your router allow access to the management UI from the public internet -- doing so is putting your configuration, personal data, and internal network at risk.




