i recently got an rv042 and updated to the most recent (v4.0.4.02-tm (Jul 4 2011 13:30:56)) firmware. but the input to the login page isn't sanitized and seems to be a gaping xss vulnerability. if i enter
edit - looks like disabling Unauthorized Login Attempt logging will prevent the username from being written into the log. so that mitigates the danger. but it's enabled by default and that's the kind of thing i like to see in logs. seems like it deserves a fix.