Skip to main content

Zld CVE-2023-35139

MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2023-11-28 security@zyxel.com.tw
6.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.1 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Nov 28, 2023 - 02:15 nvd
MEDIUM 6.1

DescriptionNVD

A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10 through 5.37, and VPN series firmware versions 5.00 through 5.37, could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed to steal cookies when the user visits the specific CGI used for dumping ZTP logs.

AnalysisAI

A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10 through 5.37, and VPN series firmware versions 5.00 through 5.37, could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed to steal cookies when the user visits the specific CGI used for dumping ZTP logs. Affected products include: Zyxel Zld. Version information: through 5.37.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.

More in Zld

View all
CVE-2024-11667 CRITICAL
9.8 Nov 27

A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through

CVE-2020-25014 CRITICAL
9.8 Nov 27

A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4

CVE-2024-42057 HIGH
8.1 Sep 03

A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.3

CVE-2024-42058 HIGH
7.5 Sep 03

A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series

CVE-2023-4398 HIGH
7.5 Nov 28

An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel

CVE-2024-7203 HIGH
7.2 Sep 03

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and

CVE-2024-42060 HIGH
7.2 Sep 03

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, US

CVE-2024-42059 HIGH
7.2 Sep 03

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, US

CVE-2020-29299 HIGH
7.2 Dec 27

Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change a

CVE-2024-42061 MEDIUM
6.1 Sep 03

A reflected cross-site scripting (XSS) vulnerability in the CGI program "dynamic_script.cgi" of Zyxel ATP series firmwar

CVE-2023-5960 MEDIUM
5.5 Nov 28

An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.5

CVE-2023-5797 MEDIUM
5.5 Nov 28

An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 t

Share

CVE-2023-35139 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy