Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:zyxel:uag2100_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.18\(aaiz.1\)c0
OR
cpe:2.3:h:zyxel:uag2100:-:*:*:*:*:*:*:* |
Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:zyxel:uag4100_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.18\(aatd.1\)c0
OR
cpe:2.3:h:zyxel:uag4100:-:*:*:*:*:*:*:* |
Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:zyxel:uag5100_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.18\(aapn.1\)c0
OR
cpe:2.3:h:zyxel:uag5100:-:*:*:*:*:*:*:* |
Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:zyxel:usg110_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.30
OR
cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:* |
Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:zyxel:usg1100_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.30
OR
cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:* |
Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:zyxel:usg1900_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.30
OR
cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:* |
Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.30
OR
cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:* |
Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:zyxel:usg2200-vpn_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.30
OR
cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:* |
Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.30
OR
cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:* |
Added |
CVSS V2 |
|
(AV:N/AC:M/Au:N/C:N/I:P/A:N) |
Added |
CVSS V2 Metadata |
|
Victim must voluntarily interact with attack mechanism |
Added |
CVSS V3 |
|
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Added |
CWE |
|
CWE-79 |
Changed |
Reference Type |
https://n-thumann.de/blog/zyxel-gateways-missing-access-control-in-account-generator-xss/ No Types Assigned |
https://n-thumann.de/blog/zyxel-gateways-missing-access-control-in-account-generator-xss/ Exploit, Third Party Advisory |
Changed |
Reference Type |
https://sec-consult.com/en/blog/advisories/reflected-cross-site-scripting-in-zxel-zywall/index.html No Types Assigned |
https://sec-consult.com/en/blog/advisories/reflected-cross-site-scripting-in-zxel-zywall/index.html Exploit, Patch, Third Party Advisory |
Changed |
Reference Type |
https://www.zyxel.com/support/vulnerabilities-related-to-the-Free-Time-feature.shtml No Types Assigned |
https://www.zyxel.com/support/vulnerabilities-related-to-the-Free-Time-feature.shtml Patch, Vendor Advisory |
Changed |
Reference Type |
https://www.zyxel.com/us/en/ No Types Assigned |
https://www.zyxel.com/us/en/ Vendor Advisory |