There is a report on Security Focus of a problem in PAT (Port Address Translation).
The report state: "There is a problem in PAT (Port Address Translation) that can be used to access all ports in the computer behind the router. When trying to connect to a port that is not redirected to a computer behind the router using PAT, there is no problem, the router don't allow this connection. But if before we connect to a port redirected using PAT and inmediately we try to connect to any port not redirected using PAT, the router allows the successiveconnections to any port. The problem exists with TCP and with UDP.".
This problem is yet to be confirmed by 3Com.