I recently found a vulnerability in Zyxel P-660R T1 . Although the impact factor is quite low as it is an XSS (Cross site scripting) but still a vulnerability is a vulnerability .
Disclaimer: [This code is for Educational Purposes , I would Not be responsible for any misuse of this code]
Exploit:
VECTOR : http://IP/Forms/home_1?&HomeCurrent_Date=‘ XSS Vector ‘01%2F01%2F2000
This works with the post request too ! As by default this value is sent through POST request.
Author : Usman Saeed , Xc0re Security Research Group.