CVE-2023-27990: XSS
First published: Mon Apr 24 2023(Updated: )
The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device.
Credit: security@zyxel.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zyxel ATP200 firmware | >=4.32<5.36 | |
| Zyxel Zywall ATP200 | ||
| Zyxel ZyWall ATP100 Firmware | >=4.32<5.36 | |
| Zyxel ATP100 Firmware | ||
| Zyxel Zywall ATP700 | >=4.32<5.36 | |
| Zyxel ATP700 Firmware | ||
| Zyxel ATP500 Firmware | >=4.32<5.36 | |
| Zyxel ATP500 Firmware | ||
| Zyxel ATP100W Firmware | >=4.32<5.36 | |
| Zyxel ATP100W Firmware | ||
| Zyxel Zywall ATP800 Firmware | >=4.32<5.36 | |
| Zyxel Zywall ATP800 Firmware | ||
| Zyxel USG Flex 100 firmware | >=4.50<5.36 | |
| Zyxel USG Flex 100 firmware | ||
| Zyxel USG FLEX 50(W) series firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 50w | ||
| Zyxel USG FLEX firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 200 firmware | ||
| Zyxel USG FLEX firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 500 firmware | ||
| Zyxel USG FLEX firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 700 firmware | ||
| Zyxel USG FLEX 100w firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 100w firmware | ||
| Zyxel USG 20W-VPN Firmware | >=4.16<5.36 | |
| Zyxel USG20 | ||
| Zyxel USG FLEX 50w | >=4.16<5.36 | |
| Zyxel USG FLEX 50(W) series firmware | ||
| Zyxel USG20W-VPN Firmware | >=4.30<5.36 | |
| Zyxel USG20W-VPN Firmware | ||
| Zyxel VPN100 | >=4.30<5.36 | |
| Zyxel Zywall VPN100 | ||
| Zyxel VPN1000 Firmware | >=4.30<5.36 | |
| Zyxel VPN1000 Firmware | ||
| Zyxel Zywall VPN 300 Firmware | >=4.30<5.36 | |
| Zyxel Zywall VPN300 | ||
| Zyxel Zywall VPN 50 Firmware | >=4.30<5.36 | |
| Zyxel VPN50 Firmware | ||
| All of | ||
| Zyxel ATP200 firmware | >=4.32<5.36 | |
| Zyxel Zywall ATP200 | ||
| All of | ||
| Zyxel ZyWall ATP100 Firmware | >=4.32<5.36 | |
| Zyxel ATP100 Firmware | ||
| All of | ||
| Zyxel Zywall ATP700 | >=4.32<5.36 | |
| Zyxel ATP700 Firmware | ||
| All of | ||
| Zyxel ATP500 Firmware | >=4.32<5.36 | |
| Zyxel ATP500 Firmware | ||
| All of | ||
| Zyxel ATP100W Firmware | >=4.32<5.36 | |
| Zyxel ATP100W Firmware | ||
| All of | ||
| Zyxel Zywall ATP800 Firmware | >=4.32<5.36 | |
| Zyxel Zywall ATP800 Firmware | ||
| All of | ||
| Zyxel USG Flex 100 firmware | >=4.50<5.36 | |
| Zyxel USG Flex 100 firmware | ||
| All of | ||
| Zyxel USG FLEX 50(W) series firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 50w | ||
| All of | ||
| Zyxel USG FLEX firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 200 firmware | ||
| All of | ||
| Zyxel USG FLEX firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 500 firmware | ||
| All of | ||
| Zyxel USG FLEX firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 700 firmware | ||
| All of | ||
| Zyxel USG FLEX 100w firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 100w firmware | ||
| All of | ||
| Zyxel USG 20W-VPN Firmware | >=4.16<5.36 | |
| Zyxel USG20 | ||
| All of | ||
| Zyxel USG FLEX 50w | >=4.16<5.36 | |
| Zyxel USG FLEX 50(W) series firmware | ||
| All of | ||
| Zyxel USG20W-VPN Firmware | >=4.30<5.36 | |
| Zyxel USG20W-VPN Firmware | ||
| All of | ||
| Zyxel VPN100 | >=4.30<5.36 | |
| Zyxel Zywall VPN100 | ||
| All of | ||
| Zyxel VPN1000 Firmware | >=4.30<5.36 | |
| Zyxel VPN1000 Firmware | ||
| All of | ||
| Zyxel Zywall VPN 300 Firmware | >=4.30<5.36 | |
| Zyxel Zywall VPN300 | ||
| All of | ||
| Zyxel Zywall VPN 50 Firmware | >=4.30<5.36 | |
| Zyxel VPN50 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-27990?
The severity of CVE-2023-27990 is medium with a severity value of 4.8.
Which software versions are affected by CVE-2023-27990?
CVE-2023-27990 affects Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35.
What is the Common Weakness Enumeration (CWE) of CVE-2023-27990?
The Common Weakness Enumeration (CWE) of CVE-2023-27990 is CWE-79.
How can I fix CVE-2023-27990?
To fix CVE-2023-27990, it is recommended to update to a firmware version that is not vulnerable. Refer to the vendor's security advisory for more information.
Where can I find more information about CVE-2023-27990?
You can find more information about CVE-2023-27990 in the vendor's security advisory at https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls
- agent/type
- agent/event
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/zyxel
- canonical/zyxel atp200 firmware
- version/zyxel atp200 firmware/4.32
- canonical/zyxel zywall atp200
- canonical/zyxel zywall atp100 firmware
- version/zyxel zywall atp100 firmware/4.32
- canonical/zyxel atp100 firmware
- canonical/zyxel zywall atp700
- version/zyxel zywall atp700/4.32
- canonical/zyxel atp700 firmware
- canonical/zyxel atp500 firmware
- version/zyxel atp500 firmware/4.32
- canonical/zyxel atp100w firmware
- version/zyxel atp100w firmware/4.32
- canonical/zyxel zywall atp800 firmware
- version/zyxel zywall atp800 firmware/4.32
- canonical/zyxel usg flex 100 firmware
- version/zyxel usg flex 100 firmware/4.50
- canonical/zyxel usg flex 50(w) series firmware
- version/zyxel usg flex 50(w) series firmware/4.50
- canonical/zyxel usg flex 50w
- canonical/zyxel usg flex firmware
- version/zyxel usg flex firmware/4.50
- canonical/zyxel usg flex 200 firmware
- canonical/zyxel usg flex 500 firmware
- canonical/zyxel usg flex 700 firmware
- canonical/zyxel usg flex 100w firmware
- version/zyxel usg flex 100w firmware/4.50
- canonical/zyxel usg 20w-vpn firmware
- version/zyxel usg 20w-vpn firmware/4.16
- canonical/zyxel usg20
- version/zyxel usg flex 50w/4.16
- canonical/zyxel usg20w-vpn firmware
- version/zyxel usg20w-vpn firmware/4.30
- canonical/zyxel vpn100
- version/zyxel vpn100/4.30
- canonical/zyxel zywall vpn100
- canonical/zyxel vpn1000 firmware
- version/zyxel vpn1000 firmware/4.30
- canonical/zyxel zywall vpn 300 firmware
- version/zyxel zywall vpn 300 firmware/4.30
- canonical/zyxel zywall vpn300
- canonical/zyxel zywall vpn 50 firmware
- version/zyxel zywall vpn 50 firmware/4.30
- canonical/zyxel vpn50 firmware