Router unsecured - So What??
well if thier connecting to your router and your router is on the network then that would mean thier connecting to your network so imagine what they could do by being connected to you network.
for instance say they connect to the router and they run C&A while your on your computer then they could see what websites your going to if you enter any passwords they might be able to get those depending if its a secure connection or not. they could run something like langaurd or a port scan. it just provides better access to your computers that are on the network.
Most modern SOHO routers have a series of network diagnostic functions that can be used to determine where a network connection may be failing. Conversely, these could also be used on the internal network to enumerate targets.
As most home users are tech-un-savvy and running Windows-based OS's, you can take a guess as to what ports might be open, then configure port forwarding from the outside in through the router's interface. For XP SP1 (or pre-SP1, I forget), Telnet is enabled by default; this was changed in SP2. File sharing is enabled by default, at least for the hidden shares. Check for RDP, VNC, etc.
Also, as fallingmidget stated, a victim's traffic could be redirected to a location of the attacker's choosing, then analyzed / intercepted to glean valuable information. This would also be easily achievable through configuring port forwarding on the router.
Any insecurity can be a tool to gain further access; it just takes a bit of creativity to use it effectively.