If successful, the attacker's script would modify the domain name system (DNS) settings on the victim's router, adding the attacker's own DNS server as the primary server while leaving the secondary setting as-is.
http://krebsonsecurity.com/2015/02/spam-uses-default-passwords-to-hack-routers/