Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
A reflective Cross-site scripting (XSS) vulnerability in the free_time_failed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or HTML via the err_msg parameter.
- https://n-thumann.de/blog/zyxel-gateways-missing-access-control-in-account-generator-xss/
- https://github.com/20142995/nuclei-templates
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/gnarkill78/CSA_S2_2024