CVE-2021-46387
CVE-2021-46387
ZyXEL ZyWALL 2 Plus Internet Security Appliance is affected by Cross Site Scripting (XSS). Insecure URI handling leads to bypass security restriction to achieve Cross Site Scripting, which allows an attacker able to execute arbitrary JavaScript codes to perform multiple attacks such as clipboard hijacking and session hijacking.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 2
cve_referencepacketstormsecurity.com/files/166189/Zyxel-ZyWALL-2-Plus-Cross-Site-Scripting.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/50797não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://packetstormsecurity.com/files/166189/Zyxel-ZyWALL-2-Plus-Cross-Site-Scripting.htmlhttps://drive.google.com/drive/folders/1_XfWBLqxT2Mqt7uB663Sjlc62pE8-rcN?usp=sharinghttps://www.zyxel.com/uk/en/products_services/zywall_2_plus.shtmlhttps://www.zyxel.com/us/en/support/security_advisories.shtml