CVE-2017-17550
10.11.2018, 22:29
ZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 devices are affected by a CSRF vulnerability via a cgi-bin/zysh-cgi cmd action to add a user account. This account's access could, for example, subsequently be used for stored XSS.
| Vendor | Product | Version |
|---|---|---|
| zyxel | zywall_usg_100_firmware | 2.12\(aqq.2\) |
| zyxel | zywall_usg_100_firmware | 3.30\(aqq.7\) |
𝑥
= Vulnerable software versions
Common Weakness Enumeration