My first security advisory 🙂
Well, I reported XSS in Sterlite router on Feb 5, 2010.
Sterlite SAM300AX is used by broadband customers in Delhi and Mumbai, India. Given the customer base of MTNL in these 2 metro cities, this vulnerability may be extremely useful for an attacker and / or a bot herder looking for new bots.
After waiting for vendor response 2 weeks +, I decided to publish this to Full Disclosure/publicly.
Sharing the vuln POST request and parameters here: