Zyxel security advisory for reflected cross-site scripting vulnerability of firewalls

CVE : CVE-2019-9955

 

Summary

Zyxel security firewalls are vulnerable to a reflected cross-site scripting vulnerability. Users are advised to install the applicable hotfixes for optimal protection.

 

What's the vulnerability?

The reflected cross-site scripting vulnerability was identified on the Zyxel security firewall login pages, which contained an unsanitized 'mp_idx' parameter.

 

What should you do?

After a thorough investigation, we’ve identified the vulnerable products and listed them in the table below. Hotfixes for the affected models are now available, and we will include patches in the models’ next regular firmware release. We urge users to install them for optimal protection.

 
Device impacted Hotfix availability
ATP200
ATP500
ATP800
USG20-VPN
USG20W-VPN
USG40
USG40W
USG60
USG60W
USG110
USG210
USG310
USG1100
USG1900
USG2200-VPN
ZyWALL 110
ZyWALL 310
ZyWALL 1100
 

Got a question or a tipoff?

Please contact your local service rep for further information or assistance. If you’ve found a vulnerability, we want to work with you to fix it—contact security@zyxel.com.tw and we’ll get right back to you.

 

Acknowledgment

Thanks to Aaron Bishop at Security Metrics for reporting this vulnerability to us.
https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page

 

Revision history

Initial release 2019-4-18