CVE-2019-9955: XSS
First published: Mon Apr 22 2019(Updated: )
On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized 'mp_idx' parameter.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Zyxel ATP200 firmware | =4.31 | |
| Zyxel Zywall ATP200 | ||
| All of | ||
| Zyxel ATP500 Firmware | =4.31 | |
| Zyxel ATP500 Firmware | ||
| All of | ||
| Zyxel Zywall ATP800 Firmware | =4.31 | |
| Zyxel Zywall ATP800 Firmware | ||
| All of | ||
| Zyxel USG20W-VPN Firmware | =4.31 | |
| Zyxel USG20W-VPN Firmware | ||
| All of | ||
| Zyxel USG 20W-VPN Firmware | =4.31 | |
| Zyxel USG20W-VPN Firmware | ||
| All of | ||
| Zyxel USG 40 firmware | =4.31 | |
| Zyxel USG 40 | ||
| All of | ||
| Zyxel USG 40w firmware | =4.31 | |
| Zyxel USG 40w firmware | ||
| All of | ||
| Zyxel USG 60W firmware | =4.31 | |
| Zyxel USG 60 | ||
| All of | ||
| Zyxel USG 60W firmware | =4.31 | |
| Zyxel USG 60W firmware | ||
| All of | ||
| Zyxel USG 110 Firmware | =4.31 | |
| Zyxel USG 110 | ||
| All of | ||
| Zyxel USG210 Firmware | =4.31 | |
| Zyxel USG210 Firmware | ||
| All of | ||
| Zyxel USG 310 firmware | =4.31 | |
| Zyxel USG 310 | ||
| All of | ||
| Zyxel USG 1100 firmware | =4.31 | |
| Zyxel USG1100 firmware | ||
| All of | ||
| Zyxel USG1900 Firmware | =4.31 | |
| Zyxel USG1900 Firmware | ||
| All of | ||
| Zyxel USG2200-VPN Firmware | =4.31 | |
| Zyxel USG2200-VPN Firmware | ||
| All of | ||
| Zyxel Zywall 1100 Firmware | =4.31 | |
| Zyxel Zywall 110 firmware | ||
| All of | ||
| Zyxel ZyWALL USG 310 firmware | =4.31 | |
| Zyxel Zywall 310 Firmware | ||
| All of | ||
| Zyxel Zywall 1100 Firmware | =4.31 | |
| Zyxel Zywall 1100 Firmware | ||
| All of | ||
| Zyxel Zywall VPN 50 Firmware | ||
| Zyxel VPN50 Firmware | ||
| All of | ||
| Zyxel VPN100 | ||
| Zyxel Zywall VPN100 | ||
| All of | ||
| Zyxel Zywall VPN 300 Firmware | ||
| Zyxel Zywall VPN300 | ||
| Zyxel ATP200 firmware | =4.31 | |
| Zyxel Zywall ATP200 | ||
| Zyxel ATP500 Firmware | =4.31 | |
| Zyxel ATP500 Firmware | ||
| Zyxel Zywall ATP800 Firmware | =4.31 | |
| Zyxel Zywall ATP800 Firmware | ||
| Zyxel USG20W-VPN Firmware | =4.31 | |
| Zyxel USG20W-VPN Firmware | ||
| Zyxel USG 20W-VPN Firmware | =4.31 | |
| Zyxel USG20W-VPN Firmware | ||
| Zyxel USG 40 firmware | =4.31 | |
| Zyxel USG 40 | ||
| Zyxel USG 40w firmware | =4.31 | |
| Zyxel USG 40w firmware | ||
| Zyxel USG 60W firmware | =4.31 | |
| Zyxel USG 60 | ||
| Zyxel USG 60W firmware | =4.31 | |
| Zyxel USG 60W firmware | ||
| Zyxel USG 110 Firmware | =4.31 | |
| Zyxel USG 110 | ||
| Zyxel USG210 Firmware | =4.31 | |
| Zyxel USG210 Firmware | ||
| Zyxel USG 310 firmware | =4.31 | |
| Zyxel USG 310 | ||
| Zyxel USG 1100 firmware | =4.31 | |
| Zyxel USG1100 firmware | ||
| Zyxel USG1900 Firmware | =4.31 | |
| Zyxel USG1900 Firmware | ||
| Zyxel USG2200-VPN Firmware | =4.31 | |
| Zyxel USG2200-VPN Firmware | ||
| Zyxel Zywall 1100 Firmware | =4.31 | |
| Zyxel Zywall 110 firmware | ||
| Zyxel ZyWALL USG 310 firmware | =4.31 | |
| Zyxel Zywall 310 Firmware | ||
| Zyxel Zywall 1100 Firmware | =4.31 | |
| Zyxel Zywall 1100 Firmware | ||
| Zyxel Zywall VPN 50 Firmware | ||
| Zyxel VPN50 Firmware | ||
| Zyxel VPN100 | ||
| Zyxel Zywall VPN100 | ||
| Zyxel Zywall VPN 300 Firmware | ||
| Zyxel Zywall VPN300 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html
- http://seclists.org/fulldisclosure/2019/Apr/22
- https://www.exploit-db.com/exploits/46706/
- https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page
- https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml
Frequently Asked Questions
What is CVE-2019-9955?
CVE-2019-9955 is a vulnerability that affects Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices.
What is the impact of CVE-2019-9955?
CVE-2019-9955 allows an attacker to execute arbitrary scripts in the context of a user's browser session, potentially allowing them to steal sensitive information or perform malicious actions.
How can I check if my device is affected by CVE-2019-9955?
Check if your Zyxel device is using firmware version 4.31, and if it belongs to one of the affected models listed in the CVE description.
How can I mitigate CVE-2019-9955?
Update your Zyxel device to the latest firmware version, which resolves the vulnerability.
Where can I find more information about CVE-2019-9955?
You can find more information about CVE-2019-9955 on the provided external references: packetstormsecurity.com, seclists.org, and exploit-db.com.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/references
- agent/first-publish-date
- agent/description
- agent/last-modified-date
- agent/author
- agent/event
- agent/source
- agent/weakness
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/zyxel
- canonical/zyxel atp200 firmware
- version/zyxel atp200 firmware/4.31
- canonical/zyxel zywall atp200
- canonical/zyxel atp500 firmware
- version/zyxel atp500 firmware/4.31
- canonical/zyxel zywall atp800 firmware
- version/zyxel zywall atp800 firmware/4.31
- canonical/zyxel usg20w-vpn firmware
- version/zyxel usg20w-vpn firmware/4.31
- canonical/zyxel usg 20w-vpn firmware
- version/zyxel usg 20w-vpn firmware/4.31
- canonical/zyxel usg 40 firmware
- version/zyxel usg 40 firmware/4.31
- canonical/zyxel usg 40
- canonical/zyxel usg 40w firmware
- version/zyxel usg 40w firmware/4.31
- canonical/zyxel usg 60w firmware
- version/zyxel usg 60w firmware/4.31
- canonical/zyxel usg 60
- canonical/zyxel usg 110 firmware
- version/zyxel usg 110 firmware/4.31
- canonical/zyxel usg 110
- canonical/zyxel usg210 firmware
- version/zyxel usg210 firmware/4.31
- canonical/zyxel usg 310 firmware
- version/zyxel usg 310 firmware/4.31
- canonical/zyxel usg 310
- canonical/zyxel usg 1100 firmware
- version/zyxel usg 1100 firmware/4.31
- canonical/zyxel usg1100 firmware
- canonical/zyxel usg1900 firmware
- version/zyxel usg1900 firmware/4.31
- canonical/zyxel usg2200-vpn firmware
- version/zyxel usg2200-vpn firmware/4.31
- canonical/zyxel zywall 1100 firmware
- version/zyxel zywall 1100 firmware/4.31
- canonical/zyxel zywall 110 firmware
- canonical/zyxel zywall usg 310 firmware
- version/zyxel zywall usg 310 firmware/4.31
- canonical/zyxel zywall 310 firmware
- canonical/zyxel zywall vpn 50 firmware
- canonical/zyxel vpn50 firmware
- canonical/zyxel vpn100
- canonical/zyxel zywall vpn100
- canonical/zyxel zywall vpn 300 firmware
- canonical/zyxel zywall vpn300