What is CVE-2021-35030?

CVE-2021-35030 is a low-severity vulnerability in Zyxel Gs1900-8 Firmware, classified under Cross-site Scripting. CVSS score: 3.5/10. Published 2021-07-26.

How severe is CVE-2021-35030?

Low severity. CVSS v3 base score is 3.5 out of 10.

XSS in Zyxel Gs1900-8 Firmware

CVE-2021-35030

A vulnerability was found in the CGI program in Zyxel GS1900-8 firmware version V2.60, that did not properly sterilize packet contents and could allow an authenticated, local user to perform a cross-site scripting (XSS) attack via a crafte…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (18.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.5 (Low). Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L.

Affected products

Zyxel Gs1900-8 Firmware — versions 2.60

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

www.zyxel.com/support/Zyxel_security_advisory_for_XSS_vulnerability_of_GS1900_s… (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-35030?: CVE-2021-35030 is a low-severity vulnerability in Zyxel Gs1900-8 Firmware, classified under Cross-site Scripting. CVSS score: 3.5/10. Published 2021-07-26.
How severe is CVE-2021-35030?: Low severity. CVSS v3 base score is 3.5 out of 10.