CVE-2018-14497: Tenda D152 ADSL routers allow XSS via a crafted SSID
Now change the SSID parameter name to <script>alert("sandip")</script>
Now everything is done. Now after the page reloads you will find that you will have a stored XSS as soon as you open General and then Basic Setup.
Steps are mentioned below:
Go to SSID parameter and change the name to <script>alert("sandip")</script>
Then press ok
Now when you reload the page it will show you a popup name sandip