Exploit for Zyxel - Cross-Site Scripting (CVE-2019-9955)

Description:

Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, and ZyWALL 1100 devices contain a reflected cross-site scripting vulnerability on the security firewall login page via the mp_idx parameter.

Nuclei Template

View the template here: CVE-2019-9955.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2019/CVE-2019-9955.yaml

References:

https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page
https://nvd.nist.gov/vuln/detail/CVE-2019-9955
http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html
https://www.exploit-db.com/exploits/46706/
https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml