cvedb.io
CVE-2021-46387
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2022-03-01T15:15:07.887 · Last modified 2026-06-17T04:14:50.470

Summary

ZyXEL ZyWALL 2 Plus Internet Security Appliance is affected by Cross Site Scripting (XSS). Insecure URI handling leads to bypass security restriction to achieve Cross Site Scripting, which allows an attacker able to execute arbitrary JavaScript codes to perform multiple attacks such as clipboard hijacking and session hijacking.

Affected products

zyxel — zywall_2_plus_internet_security_appliance_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when zyxel ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.