Vulnerabilities (CVE)

Filtered by vendor Zyxel Subscribe

Filtered by product Usg110

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-12581	1 Zyxel	18 Uag2100, Uag2100 Firmware, Uag4100 and 15 more	2019-06-28	4.3 MEDIUM	6.1 MEDIUM
A reflective Cross-site scripting (XSS) vulnerability in the free_time_failed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or HTML via the err_msg parameter.
CVE-2019-9955	1 Zyxel	42 Atp200, Atp200 Firmware, Atp500 and 39 more	2019-04-30	4.3 MEDIUM	6.1 MEDIUM
On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized 'mp_idx' parameter.