2 matches found
CVE-2014-7278
The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00AADY.4C0 and earlier allows remote attackers to cause a denial of service persistent web-interface outage via JavaScript code within unspecified "welcome message" form data that is improperly handled during use for the loginM...
CVE-2014-7277
The ZyXEL SBG-3300 Security Gateway (firmware up to 1.00(AADY.4)C0) is affected by CVE-2014-7277, a Stored Server XSS in the login page. The vulnerability arises from improper handling of the loginMessage element during rendering of the login page, allowing remote attackers to inject arbitrary we...