24 matches found
EUVD-2007-4299
Malware in sbrugna...
EUVD-2007-4302
Malware in sbrugna...
EUVD-2007-4300
Malware in sbrugna...
Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting Vulnerability
Exploit Title: Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting XSS Exploit Author: Momen Eldawakhly CyberGuy Vendor Homepage: https://www.zyxel.com Version: ZyWALL 2 Plus Tested on: Ubuntu Linux Firefox CVE : CVE-2021-46387 GET...
CVE-2021-46387
ZyXEL ZyWALL 2 Plus Internet Security Appliance is affected by Cross Site Scripting XSS. Insecure URI handling leads to bypass security restriction to achieve Cross Site Scripting, which allows an attacker able to execute arbitrary JavaScript codes to perform multiple attacks such as clipboard...
CVE-2021-46387
CVE-2021-46387 affects ZyXEL ZyWALL 2 Plus Internet Security Appliance. The issue is a Cross-Site Scripting (XSS) vulnerability caused by insecure URI handling, enabling an attacker to execute arbitrary JavaScript in a user’s browser and potentially perform clipboard hijacking or session hijackin...
ZyXEL ZyWALL 2 3.62 Forms/General_1 sysSystemName Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/25262/info ZyXEL ZyWALL 2 is prone to multiple remote vulnerabilities that affect the management interface. An attacker can exploit these issues to carry out cross-site request forgery, HTML-injection, and denial-of-servi...
Cross site scripting
Cross-site scripting XSS vulnerability in Forms/General1 in the management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter...
CVE-2007-4319
The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service infinite reboot loop via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF;...
CVE-2007-4318
Cross-site scripting XSS vulnerability in Forms/General1 in the management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General1 with the 1 sysSystemName and 2...
CVE-2007-4316
The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions...
CVE-2007-4317
Multiple cross-site request forgery CSRF vulnerabilities in the management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General1 with the 1 sysSystemName and 2...
CVE-2007-4316
The CVE-2007-4316 entry concerns ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2, where a default credential allows remote attackers to perform administrative actions via the device management interface. The vulnerability is described as a default password exposure enabling administrative access ...
CVE-2007-4317
CVE-2007-4317 describes multiple CSRF vulnerabilities in the management interface of ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device. The issues allow remote attackers to perform administrator actions, demonstrated via a request to Forms/General_1 using the (1) sysSystemName and (2) sysDom...
CVE-2007-4316
The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions...
CVE-2007-4318
CVE-2007-4318 is a cross-site scripting (XSS) vulnerability in the Zyxel Zywall 2 device running ZyNOS firmware 3.62(WK.6). The issue affects the management interface (Forms/General_1) where the sysSystemName parameter can be manipulated by remote authenticated administrators to inject arbitrary ...
CVE-2007-4318
Cross-site scripting XSS vulnerability in Forms/General1 in the management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter...
CVE-2007-4319
CVE-2007-4319 affects Zyxel Zywall 2 with ZyNOS firmware 3.62(WK.6). The vulnerability allows remote authenticated administrators to trigger a denial of service by feeding invalid configuration data, resulting in an infinite reboot loop. The note mentions it may not cross privilege boundaries and...
CVE-2007-4319
The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service infinite reboot loop via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF;...