J-Security Center

Title: ZyXEL B-240 Wireless Ethernet Adapter Web Interface Remote Cross-Site Scripting Vulnerability

Severity: HIGH

Description:

ZyXEL B-240 Wireless Ethernet Adapter is an Ethernet adapter designed to connect to the RJ-45 Ethernet port on non-PC devices such as printers. It supports multiple features including a Web-based administration interface.

A remote cross-site scripting vulnerability reportedly affects the Web-administration interface of the ZyXEL B-240 Wireless Ethernet Adapter. The issue is due to the application failing to sanitize URI input before including it in dynamically generated content.

The problem presents itself specifically when an attacker sends the 'ZyXEL ZyWALL Series' parameter to the 'rpAuth_1' form of the affected Web interface along with malicious script code. Apparently, the application includes the script code in dynamic content without sanitizing it, facilitating cross-site scripting attacks. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the Web administration page. This may facilitate theft of cookie-based authentication credentials as well as other attacks.

Furthermore, it has been reported that this issue can be used to trigger a denial of service against the affected device. Apparently, requesting the pathname of the outermost HTML frame with the injected script code forces the device to crash, and a restart is required to restore normal operation. An attacker with access to the Web administrative interface could potentially make such a malicious request directly, as opposed to enticing a user to follow a malicious link. Such an attack may require the user to be authenticated, though this is not confirmed.
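The root cause described above is a reflected parameter being written into the page without output encoding. The following C code is an added illustration of the fix a firmware developer would apply, not code from the ZyXEL product or from this advisory: a bounded HTML escaper and a page renderer that refuses to emit the page if the escaped value does not fit, so over-long input is rejected rather than truncated or copied raw. The form name 'rpAuth_1' is taken from the advisory; the function names, the buffer sizes and the page layout are assumptions made for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* HTML-escape `in` into `out` (capacity `outlen`, always NUL-terminated).
 * Returns the number of bytes written (excluding the NUL), or -1 if the
 * escaped string would not fit, so the caller can reject the request
 * instead of emitting a truncated or unescaped page. */
int html_escape(const char *in, char *out, size_t outlen)
{
    size_t pos = 0;
    if (outlen == 0)
        return -1;
    for (; *in; in++) {
        const char *rep;
        char single[2] = { *in, '\0' };
        switch (*in) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        default:   rep = single;   break;
        }
        size_t n = strlen(rep);
        if (pos + n >= outlen) {        /* leave room for the NUL */
            out[pos] = '\0';
            return -1;
        }
        memcpy(out + pos, rep, n);
        pos += n;
    }
    out[pos] = '\0';
    return (int)pos;
}

/* Hypothetical renderer for the login page: the supplied device name is
 * reflected into the HTML, so it is escaped first. Returns the page length
 * or -1 if the value or the page would not fit its buffer. */
int render_login_page(const char *device_name, char *page, size_t pagelen)
{
    char safe[256];                     /* assumed limit for the reflected value */
    if (html_escape(device_name, safe, sizeof safe) < 0)
        return -1;
    int n = snprintf(page, pagelen,
                     "<html><body><h1>%s</h1>"
                     "<form name=\"rpAuth_1\" method=\"post\">"
                     "<input name=\"user\"><input name=\"pass\" type=\"password\">"
                     "</form></body></html>", safe);
    if (n < 0 || (size_t)n >= pagelen)
        return -1;
    return n;
}

int main(void)
{
    char page[1024];
    /* constructed sample input containing HTML metacharacters */
    if (render_login_page("Lab <printer> \"B-240\"", page, sizeof page) < 0) {
        fputs("request rejected\n", stderr);
        return 1;
    }
    puts(page);
    return 0;
}
```

The renderer returns an error rather than silently truncating: on an embedded device with fixed buffers, a failed bound check is the point at which a request should be rejected, which is also the defensive answer to the crash behaviour the advisory mentions.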

Affected Products:

  • ZyXEL B-420 Wireless Ethernet Adapter 0.0.0

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.