CVE-2023-27990

Severity Score

4.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device.

*Credits: N/A

CVSS Scores

NISTv3.1 4.8

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2023-03-09 CVE Reserved
2023-04-24 CVE Published
2024-05-26 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-and-post-authentication-command-injection-vulnerability-in-firewalls	2024-02-02

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Zyxel Search vendor "Zyxel"	Atp200 Firmware Search vendor "Zyxel" for product "Atp200 Firmware"	>= 4.32 < 5.36 Search vendor "Zyxel" for product "Atp200 Firmware" and version " >= 4.32 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Atp200 Search vendor "Zyxel" for product "Atp200"	-	-	Safe
Zyxel Search vendor "Zyxel"	Atp100 Firmware Search vendor "Zyxel" for product "Atp100 Firmware"	>= 4.32 < 5.36 Search vendor "Zyxel" for product "Atp100 Firmware" and version " >= 4.32 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Atp100 Search vendor "Zyxel" for product "Atp100"	-	-	Safe
Zyxel Search vendor "Zyxel"	Atp700 Firmware Search vendor "Zyxel" for product "Atp700 Firmware"	>= 4.32 < 5.36 Search vendor "Zyxel" for product "Atp700 Firmware" and version " >= 4.32 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Atp700 Search vendor "Zyxel" for product "Atp700"	-	-	Safe
Zyxel Search vendor "Zyxel"	Atp500 Firmware Search vendor "Zyxel" for product "Atp500 Firmware"	>= 4.32 < 5.36 Search vendor "Zyxel" for product "Atp500 Firmware" and version " >= 4.32 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Atp500 Search vendor "Zyxel" for product "Atp500"	-	-	Safe
Zyxel Search vendor "Zyxel"	Atp100w Firmware Search vendor "Zyxel" for product "Atp100w Firmware"	>= 4.32 < 5.36 Search vendor "Zyxel" for product "Atp100w Firmware" and version " >= 4.32 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Atp100w Search vendor "Zyxel" for product "Atp100w"	-	-	Safe
Zyxel Search vendor "Zyxel"	Atp800 Firmware Search vendor "Zyxel" for product "Atp800 Firmware"	>= 4.32 < 5.36 Search vendor "Zyxel" for product "Atp800 Firmware" and version " >= 4.32 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Atp800 Search vendor "Zyxel" for product "Atp800"	-	-	Safe
Zyxel Search vendor "Zyxel"	Usg Flex 100 Firmware Search vendor "Zyxel" for product "Usg Flex 100 Firmware"	>= 4.50 < 5.36 Search vendor "Zyxel" for product "Usg Flex 100 Firmware" and version " >= 4.50 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Usg Flex 100 Search vendor "Zyxel" for product "Usg Flex 100"	-	-	Safe
Zyxel Search vendor "Zyxel"	Usg Flex 50 Firmware Search vendor "Zyxel" for product "Usg Flex 50 Firmware"	>= 4.50 < 5.36 Search vendor "Zyxel" for product "Usg Flex 50 Firmware" and version " >= 4.50 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Usg Flex 50 Search vendor "Zyxel" for product "Usg Flex 50"	-	-	Safe
Zyxel Search vendor "Zyxel"	Usg Flex 200 Firmware Search vendor "Zyxel" for product "Usg Flex 200 Firmware"	>= 4.50 < 5.36 Search vendor "Zyxel" for product "Usg Flex 200 Firmware" and version " >= 4.50 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Usg Flex 200 Search vendor "Zyxel" for product "Usg Flex 200"	-	-	Safe
Zyxel Search vendor "Zyxel"	Usg Flex 500 Firmware Search vendor "Zyxel" for product "Usg Flex 500 Firmware"	>= 4.50 < 5.36 Search vendor "Zyxel" for product "Usg Flex 500 Firmware" and version " >= 4.50 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Usg Flex 500 Search vendor "Zyxel" for product "Usg Flex 500"	-	-	Safe
Zyxel Search vendor "Zyxel"	Usg Flex 700 Firmware Search vendor "Zyxel" for product "Usg Flex 700 Firmware"	>= 4.50 < 5.36 Search vendor "Zyxel" for product "Usg Flex 700 Firmware" and version " >= 4.50 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Usg Flex 700 Search vendor "Zyxel" for product "Usg Flex 700"	-	-	Safe
Zyxel Search vendor "Zyxel"	Usg Flex 100w Firmware Search vendor "Zyxel" for product "Usg Flex 100w Firmware"	>= 4.50 < 5.36 Search vendor "Zyxel" for product "Usg Flex 100w Firmware" and version " >= 4.50 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Usg Flex 100w Search vendor "Zyxel" for product "Usg Flex 100w"	-	-	Safe
Zyxel Search vendor "Zyxel"	Usg 20w-vpn Firmware Search vendor "Zyxel" for product "Usg 20w-vpn Firmware"	>= 4.16 < 5.36 Search vendor "Zyxel" for product "Usg 20w-vpn Firmware" and version " >= 4.16 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Usg 20w-vpn Search vendor "Zyxel" for product "Usg 20w-vpn"	-	-	Safe
Zyxel Search vendor "Zyxel"	Usg Flex 50w Firmware Search vendor "Zyxel" for product "Usg Flex 50w Firmware"	>= 4.16 < 5.36 Search vendor "Zyxel" for product "Usg Flex 50w Firmware" and version " >= 4.16 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Usg Flex 50w Search vendor "Zyxel" for product "Usg Flex 50w"	-	-	Safe
Zyxel Search vendor "Zyxel"	Usg20-vpn Firmware Search vendor "Zyxel" for product "Usg20-vpn Firmware"	>= 4.30 < 5.36 Search vendor "Zyxel" for product "Usg20-vpn Firmware" and version " >= 4.30 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Usg20-vpn Search vendor "Zyxel" for product "Usg20-vpn"	-	-	Safe
Zyxel Search vendor "Zyxel"	Vpn100 Firmware Search vendor "Zyxel" for product "Vpn100 Firmware"	>= 4.30 < 5.36 Search vendor "Zyxel" for product "Vpn100 Firmware" and version " >= 4.30 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Vpn100 Search vendor "Zyxel" for product "Vpn100"	-	-	Safe
Zyxel Search vendor "Zyxel"	Vpn1000 Firmware Search vendor "Zyxel" for product "Vpn1000 Firmware"	>= 4.30 < 5.36 Search vendor "Zyxel" for product "Vpn1000 Firmware" and version " >= 4.30 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Vpn1000 Search vendor "Zyxel" for product "Vpn1000"	-	-	Safe
Zyxel Search vendor "Zyxel"	Vpn300 Firmware Search vendor "Zyxel" for product "Vpn300 Firmware"	>= 4.30 < 5.36 Search vendor "Zyxel" for product "Vpn300 Firmware" and version " >= 4.30 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Vpn300 Search vendor "Zyxel" for product "Vpn300"	-	-	Safe
Zyxel Search vendor "Zyxel"	Vpn50 Firmware Search vendor "Zyxel" for product "Vpn50 Firmware"	>= 4.30 < 5.36 Search vendor "Zyxel" for product "Vpn50 Firmware" and version " >= 4.30 < 5.36"	-	Affected	in	Zyxel Search vendor "Zyxel"	Vpn50 Search vendor "Zyxel" for product "Vpn50"	-	-	Safe