CVE-2023-35139
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)
Published: Nov 28, 2023 / Updated: 11mo ago
010
CVSS 5.2EPSS 0.04%Medium
CVE info copied to clipboard
A cross-site scripting (XSS) vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50(W) series firmware versions 5.10 through 5.37, USG20(W)-VPN series firmware versions 5.10 through 5.37, and VPN series firmware versions 5.00 through 5.37, could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed to steal cookies when the user visits the specific CGI used for dumping ZTP logs.
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Timeline
First Article
Feedly found the first article mentioning CVE-2023-35139. See article
Nov 28, 2023 at 7:35 AM / VulDB Recent Entries
CVSS Estimate
Feedly estimated the CVSS score as MEDIUM
Nov 28, 2023 at 7:35 AM
EPSS
EPSS Score was set to: 0.04% (Percentile: 10.8%)
Nov 30, 2023 at 3:26 PM
Affected Systems
Zyxel/zld
+null more
Patches
www.zyxel.com
+null more
Attack Patterns
CAPEC-209: XSS Using MIME Type Mismatch
+null more
References
Zyxel security advisory for multiple vulnerabilities in firewalls and APs
CVE-2023-37926 A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
News
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
CVE-2023-37926 – A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 – An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices – Source: securityaffairs.com
CVE-2023-37926 – A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 – An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
CVE-2023-37926 – A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 – An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
CVE-2023-37926 – A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 – An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
Zyxel addressed tens of vulnerabilities that expose users to cyber attacks, including command injection and authentication bypass. Taiwanese vendor Zyxel addressed tens of vulnerabilities in its firewalls and access points. The addressed issues are tracked as CVE-2023-35136, CVE-2023-35139, CVE-2023-37925, CVE-2023-37926, CVE-2023-4397, CVE-2023-4398, CVE-2023-5650, CVE-2023-5797, CVE-2023-5960. Threat actors can exploit the vulnerabilities to steal cookies, access configuration files, carry out command injection and denial-of-service […] This article has been indexed from Security Affairs Read the original article: Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
See 9 more articles and social media posts