Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2019-9955

CWE-79 — Cross-site Scripting (XSS)5 documents5 sources

Severity

6.1MEDIUM

EPSS

10.7%

top 6.68%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Zyxel Atp200 Firmware Zyxel Atp500 Firmware Zyxel Atp800 Firmware +15 more

Timeline

PublishedApr 22

Latest updateMay 24

Description

On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized 'mp_idx' parameter.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages18 packages

▶NVDzyxel/zywall_1100_firmware4.31

▶NVDzyxel/usg1100_firmware4.31

▶NVDzyxel/zywall_110_firmware4.31

▶NVDzyxel/zywall_310_firmware4.31

▶NVDzyxel/usg40w_firmware4.31

Patches

Patch: www.securitymetrics.com ↗Patch: www.securitymetrics.com ↗

🔴Vulnerability Details

GHSA

GHSA-9r2m-gm27-q4jp: On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 11↗2022-05-24

▶

CVEList

CVE-2019-9955: On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 11↗2019-04-22

▶

💥Exploits & PoCs

Exploit-DB

Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting↗2019-04-16

▶

Nuclei

Zyxel - Cross-Site Scripting

▶