3 matches found
Zyxel USG / ATP / VPN < 5.37 XSS
Firmware version of the Zyxel USG, ATP, or VPN is less than 5.37. This means the Zyxel device is vulnerable to the following cross-site scripting vulnerability: - A cross-site scripting XSS vulnerability in the CGI program could allow an unauthenticated LAN-based attacker to store malicious scrip...
CVE-2023-35136
An improper input validation vulnerability in the “Quagga” package of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50W series firmware versions 4.16 through 5.37, USG20W-VPN series firmware versions 4.16 through 5.37, and...
CVE-2023-35136
CVE-2023-35136 describes an improper input validation vulnerability in the Quagga package across Zyxel devices (ATP series 4.32–5.37; USG FLEX 4.50–5.37; USG FLEX 50(W) 4.16–5.37; USG20(W)-VPN 4.16–5.37; VPN series 4.30–5.37) that could allow an authenticated local attacker to access configuratio...