I got an Arcadyan AR7516 off Ebay for cheap, and I've been trying to OpenWrt on it since I got it.
I was unable to use the CFE HTTP web server method of OpenWRT installation as the CFE environment requires a username and password, and I don't know what it is (I've tried variations of root/root, root/admin, admin/admin, etc.).
So I got a USB-TTL adapter, got a soldering iron and soldered some pins onto the serial header. I managed to get access to the serial console but then discovered that there is no prompt - whether I stop the boot in the bootloader by pressing "any key" (tried Esc, Ctrl+C, and various other keys), nor if I let the router boot up.
I have no idea what to try next. This router has no JTAG access, only serial, but that's a bit useless if I can't get a console prompt.
Once the router finishes doing its thing, you can now telnet in using the user name root and the password password (on some firmware versions this might be admin:password instead).
What about this combinations mentioned in the wiki?
Beside that the wiki is telling you that the router has jtag but no header/pinout. Also SPI flashing looks more complicated to me than usually. I would try the CFE approach first instead messing arround with:
but the chip's VCC is connected to the rest of the board so you run the risk of drawing too much power and/or flashing while the CPU is awake; consider fitting an isolation jumper. You may find the chip gets enough power parasitically that it flashes OK without its VCC connected. Don't let any other pins float unless they're NC though.
Apparently, the page which gets access to manufactory mode is now locked out. I've tried various little hacks to try to get around it - turns out it uses a couple stupid insecure hidden form fields to stop you accessing the actual page.
STILL couldn't get in. I'm not really sure where to go from here.
If so then I cannot help further with this device.
The only thing left I can suggest is trying a different browser and/or delete browser cache.
The only workarround I would have is to save configuration in a file (if possible or you have made before working on this device). There is often the password included. Maybe plain or with an md5 hash on older devices. You could try to bruteforce it if there is no salt. I did that in the past with an older FritzBox already. But be aware ... The longer the password is ... You can also buy such services online nowdays it seems: https://www.md5online.org/md5-decrypt.html oO ... I didn't find a better link fast asking google.
Maybe there is a TR-069 service interface with a standard password on the device also? As it is an ISP box.
This thread could help also (didn't read through):