CVE-2023-27990

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: Apr 24, 2023 / Updated: 19mo ago

CVSS 4.8 (Medium) / EPSS 0.05%

The XSS vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35 could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device.

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2023-27990.

Apr 24, 2023 at 5:37 PM / cve.report

EPSS

EPSS Score was set to: 0.05% (Percentile: 12%)

Sep 17, 2023 at 1:22 PM

Affected Systems

Zyxel/usg_flex_100_firmware

Patches

www.zyxel.com

Attack Patterns

CAPEC-209: XSS Using MIME Type Mismatch

References

Zyxel security advisory for XSS vulnerability and post-authentication command injection ...
The XSS vulnerability in some firewall versions could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device.

News

CVE-2023-27990
The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 CVE-2023-27990 originally published on CyberSecurityBoard
Zyxel Firewalls: Critical Vulnerability! Multiple vulnerabilities reported
The latest manufacturer recommendations regarding updates, workarounds and security patches for this vulnerability can be found here: CISA Alert (Status: 01.06.2023). These often contain further information on the latest version of the software in question and the availability of security patches or tips on workarounds.
CVE-2023-27990 (atp100_firmware, atp100w_firmware, atp200_firmware, atp500_firmware, atp700_firmware, atp800_firmware, usg_20w-vpn_firmware, usg_flex_100_firmware, usg_flex_100w_firmware, usg_flex_200_firmware, usg_flex_50_firmware, usg_flex_500_firmware, usg_flex_50w_firmware,....
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls (Vendor Advisory)
Critical Vulnerabilities Spotted In Zyxel Firewall - Cyber Security News
The vendors have patched a few critical vulnerabilities in Zyxel Firewall that could allow remote command execution attacks. According to Zyxel’s advisory, the flaw existed due to improper message handling, allowing an unauthenticated remote adversary to execute OS commands on the target firewall devices.
Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches
“Improper error message handling in some firewall versions could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.” Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall.

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: Required
Scope: Changed
Confidentiality: Low
Integrity: Low
Availability Impact: None
