ZyXEL GS1510 Credentials Disclosure and Cross-Site Scripting
ZyXEL GS1510 Credentials Disclosure and Cross-Site Scripting Vulnerability
Release Date : 2012-03-30
Last Update: 2012-04-23
Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch
Operating System: ZyXEL GS1510
Two security issues and a vulnerability have been reported in ZyXEL GS1510, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks.
1) The application transmits credentials to webctrl.cgi and via cookie values in plaintext. This can be exploited to intercept the credentials by e.g sniffing network traffic or via a Man-in-the-Middle (MitM) attack.
2) Input passed via the URL to e.g. images is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
The security issues and vulnerability are reported in Zyxel GS1510-16 and Zyxel GS1510-24 firmware version V1.00(BVN.1). Other versions may also be affected.
Update to firmware version V1.00(BVN.1)C0.
Provided and/or discovered by:
Neil Fryer, IT Security Geeks