CVE-2023-35139

A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10 through 5.37, and VPN series firmware versions 5.00 through 5.37, could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed to steal cookies when the user visits the specific CGI used for dumping ZTP logs.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*
OR cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*
OR cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*
OR cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*
OR cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*

History

04 Dec 2023, 18:09

Type Values Removed Values Added
References () https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-apsĀ - () https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-apsĀ - Vendor Advisory
CVSS v2 : unknown
v3 : 5.2
v2 : unknown
v3 : 6.1
First Time Zyxel usg Flex 200
Zyxel zld
Zyxel atp500
Zyxel
Zyxel usg Flex 50
Zyxel vpn1000
Zyxel vpn50w
Zyxel atp800
Zyxel atp200
Zyxel atp100w
Zyxel atp700
Zyxel vpn100
Zyxel atp100
Zyxel vpn50
Zyxel usg Flex 100w
Zyxel usg Flex 500
Zyxel usg 20w-vpn
Zyxel usg Flex 50w
Zyxel vpn300
Zyxel usg Flex 100
Zyxel usg Flex 700
CPE cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*

28 Nov 2023, 02:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-28 02:15

Updated : 2023-12-10 15:26


NVD link : CVE-2023-35139

Mitre link : CVE-2023-35139

CVE.ORG link : CVE-2023-35139


JSON object : View

Products Affected

zyxel

  • zld
  • vpn100
  • usg_flex_200
  • usg_flex_700
  • atp100
  • atp200
  • vpn1000
  • usg_flex_50w
  • usg_20w-vpn
  • usg_flex_100
  • vpn300
  • usg_flex_500
  • vpn50w
  • usg_flex_50
  • atp500
  • atp700
  • usg_flex_100w
  • atp100w
  • vpn50
  • atp800
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')