bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/remote/23527.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

7 lines
No EOL
632 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/9373/info
ZyWALL 10 firewalls are prone to cross-site scripting attacks via the web management interface of affected devices. An attacker could exploit this issue by enticing a victim user to follow a malicious link to a site hosting the software that contains embedded HTML and script code. The embedded code may be rendered in the web browser of the victim user.
This could potentially be exploited to steal cookie-based authentication credentials from legitimate users. Other attacks are also possible.
http://<host>/Forms/rpAuth_1?ZyXEL%20ZyWALL%20Series<script>alert('XSS')</script>
Reference in a new issue View git blame Copy permalink