CVE-2024-42061 | Zyxel ATP/USG FLEX/USG FLEX 50(W)/USG20(W)-VPN up to 5.38 URL dynamic_script.cgi cross site scripting

Inserito da Angelo Barbosa | Set 3, 2024 | CVE

A vulnerability classified as problematic has been found in Zyxel ATP, USG FLEX, USG FLEX 50(W) and USG20(W)-VPN up to 5.38. Affected is an unknown function of the file dynamic_script.cgi of the component URL Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2024-42061. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-42061 | Zyxel ATP/USG FLEX/USG FLEX 50(W)/USG20(W)-VPN up to 5.38 URL dynamic_script.cgi cross site scripting

Post correlati

CVE-2024-5189 | wpdevteam Essential Addons for Elementor Plugin up to 5.9.23 on WordPress custom_js cross site scripting

CVE-2024-5311 | DigiWin EasyFlow .NET up to 5.x/6.1.x/6.6.15 input sql injection

CVE-2021-46920 | Linux Kernel up to 5.10.31/5.11/5.11.15 idxd information disclosure (a5ad12d5d69c/02981a44a0e4/ea941ac294d7)

CVE-2024-5554 | Element Pack Elementor Addons Plugin up to 5.6.11 on WordPress cross site scripting