CVE-2022-0734

A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that coul...

Zyxel Issues Patches for 4 New Flaws Affecting AP, API Controller, and Firewall Devices

Zyxel has released patches to address four security flaws affecting its firewall, AP Controller, and AP products to execute arbitrary operating system commands and steal select information. The list of security vulnerabilities is as follows - CVE-2022-0734 - A cross-site scripting XSS...

CVE-2022-0734

creationtimestamp| type| source ---|---|--- 2022-05-24 07:36:20+00:00| seen| https://t.me/cibsecurity/43205...

CVE-2022-0734

CVE-2022-0734 describes a cross-site scripting vulnerability in Zyxel USG/ZyWALL CGI programs across multiple firmware lines (USG/ZyWALL 4.35–4.70, USG FLEX 4.50–5.20, ATP 4.35–5.20, VPN 4.35–5.20). The issue allows a malicious script to access information stored in a user’s browser, such as cook...