BT Home Hub and Thomson/Alcatel Speedtouch 7G Multiple Vulnerabilities
The following exploit code is available through GNUCitizen:
UPDATE (January 10, 2008) - The cross-site scripting issue can be leveraged to perform unauthorized actions via UPnP. Please see the Bugtraq message entitled "BT Home Flub: Pwnin the BT Home Hub (5) - exploiting IGDs remotely via UPnP" in the references section for further information.
UPDATE (January 21, 2008) - The following proof-of-concept URI is available; please see the referenced "Call Jacking: Phreaking the BT Home Hub" webpage for further information: