CVE-2021-46387 Scanner
Detects 'Cross-Site Scripting (XSS)' vulnerability in ZyXEL ZyWALL 2 Plus Internet Security Appliance affects v. Unknown.
Short Info
Level
Medium
Type
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Url
Parent Category
CVE-2021-46387 Scanner Detail
The ZyXEL ZyWALL 2 Plus Internet Security Appliance is a security device designed to protect networks and devices from online threats. It works by blocking malicious traffic and enabling secure connections between devices, servers, and the internet. This device is commonly used in small and medium-sized businesses to secure their networks and data.
One major vulnerability detected in this product is identified as CVE-2021-46387. This vulnerability arises from an insecure URI handling that can bypass security restrictions, ultimately leading to cross-site scripting (XSS) attacks. When exploited, an attacker can execute arbitrary JavaScript code on the victim's device, potentially gaining access to sensitive data such as user credentials, personal information, and financial details.
If this vulnerability is exploited, attackers can perform multiple attacks like clipboard hijacking and session hijacking. This can lead to identity theft, data breaches and loss of sensitive information. The attacker can also use this vulnerability to spread malware and ransomware, which could cripple the victim's network and lead to financial losses.
Thanks to the pro features of the securityforeveryone.com platform, readers of this article can easily and quickly learn about vulnerabilities in their digital assets. By signing up for this platform, readers can get access to a range of professional security tools and resources that help protect against online threats. These resources include regular security updates, vulnerability scanners, and expert advice on how to secure networks and devices. With securityforeveryone.com, users can ensure the safety and security of their digital assets, keeping them protected from online threats and attacks.
REFERENCES
- http://packetstormsecurity.com/files/166189/Zyxel-ZyWALL-2-Plus-Cross-Site-Scripting.html
- https://drive.google.com/drive/folders/1_XfWBLqxT2Mqt7uB663Sjlc62pE8-rcN?usp=sharing
- https://www.zyxel.com/uk/en/products_services/zywall_2_plus.shtml
- https://www.zyxel.com/us/en/support/security_advisories.shtml
control security posture