Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-46387 PoC — Zyxel Zywall310跨站脚本漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-46387.yaml
Associated Vulnerability
Title:Zyxel Zywall310跨站脚本漏洞 (CVE-2021-46387)
Description:Zyxel Zywall310是中国合勤(Zyxel)公司的一款用于公司环境的防火墙设备。 ZyXEL ZyWAL存在安全漏洞,该漏洞允许攻击者可利用该漏洞能够执行任意JavaScript代码来执行多种攻击,如剪贴板劫持和会话劫持。
Description
ZyXEL ZyWALL 2 Plus Internet Security Appliance contains a cross-site scripting vulnerability. Insecure URI handling leads to bypass of security restrictions, which allows an attacker to execute arbitrary JavaScript codes to perform multiple attacks.
File Snapshot

 id: CVE-2021-46387

info:
  name: Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scrip

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.