CVE-2023-35139

Published: Nov 28, 2023Modified: Nov 21, 2024

6.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.7

Source: NVD

Description

A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10 through 5.37, and VPN series firmware versions 5.00 through 5.37, could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed to steal cookies when the user visits the specific CGI used for dumping ZTP logs.

Affected (2)

Products: Zyxel: Zld

Zyxel

1 product

Zld

Configuration A

6 platform

Running on/with	Platform Versions
Zyxel Atp100	All versions
Zyxel Atp100w	All versions
Zyxel Atp200	All versions
Zyxel Atp500	All versions
Zyxel Atp700	All versions
Zyxel Atp800	All versions

Configuration B

7 platform

Running on/with	Platform Versions
Zyxel Usg Flex 100	All versions
Zyxel Usg Flex 100w	All versions
Zyxel Usg Flex 200	All versions
Zyxel Usg Flex 50	All versions
Zyxel Usg Flex 500	All versions
Zyxel Usg Flex 50w	All versions
Zyxel Usg Flex 700	All versions

Configuration C

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Zyxel Zld	From 5.10 to 5.37

Running on/with	Platform Versions
Zyxel Usg 20w Vpn	All versions
Zyxel Vpn50w	All versions

Configuration D

1 vulnerable · 4 platform

Vulnerable Software	Affected Versions
Zyxel Zld	From 5.00 to 5.37

Running on/with	Platform Versions
Zyxel Vpn100	All versions
Zyxel Vpn1000	All versions
Zyxel Vpn300	All versions
Zyxel Vpn50	All versions

Related CWEs

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (2)

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps

Source: security@zyxel.com.tw

Vendor Advisory

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.