The thing is, most router web app could show all the UPnP services inside its network, and I'm guessing there are some XSS vulnerabilities there, but is there any ways to do this quickly?
[Modify the name of an existed UPnP service]
or
[Write an UPnP service with xss payload in its name]
are both acceptable.
Could u guys give me a favor?
Btw, is it possible to put some xss payload into a device name?
