If its vulnerable (I'd first look at wireless comms and remote open ports) I'd just get a better/different router instead of this one. There's some quality ones out there. AVM sells a Fritz!box which has DOSCIS, and if you don't fancy Fritz!OS (fair enough) you can install something else like OpenWrt. If provider doesn't deliver these, QQ about it in public, or switch provider.
I used to run my own PCI DSL modem (read: router) on a Soekris. Sanoma S518 was ADSL1 only and difficult to get working FOSS drivers for (IIRC didn't work on *BSD). Sanoma S519 worked for ADSL2, but used a RTL8139 externally while it ran proprietary firmware for the DSL part. I ditched it when I got VDSL(2). Later on, I found a Draytek Vigor (IIRC with the numbers 130 or 132 in it) which did work with VDSL but I already gave up and ran a Fritz!box instead. Which used to be hackable, in the sense that you could get root on it, and mod it ('Freetz').
I used to run my own PCI DSL modem (read: router) on a Soekris. Sanoma S518 was ADSL1 only and difficult to get working FOSS drivers for (IIRC didn't work on *BSD). Sanoma S519 worked for ADSL2, but used a RTL8139 externally while it ran proprietary firmware for the DSL part. I ditched it when I got VDSL(2). Later on, I found a Draytek Vigor (IIRC with the numbers 130 or 132 in it) which did work with VDSL but I already gave up and ran a Fritz!box instead. Which used to be hackable, in the sense that you could get root on it, and mod it ('Freetz').