A reflective Cross-site scripting (XSS) vulnerability in the free_time_failed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote malicious users to inject arbitrary web script or HTML via the err_msg parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zyxel uag2100_firmware |
||
zyxel uag4100_firmware |
||
zyxel uag5100_firmware |
||
zyxel usg110_firmware |
||
zyxel usg210_firmware |
||
zyxel usg310_firmware |
||
zyxel usg1100_firmware |
||
zyxel usg1900_firmware |
||
zyxel usg2200-vpn_firmware |