Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-07-26	CVE-2021-35030	Cross-site Scripting vulnerability in Zyxel products A vulnerability was found in the CGI program in Zyxel GS1900-8 firmware version V2.60, that did not properly sterilize packet contents and could allow an authenticated, local user to perform a cross-site scripting (XSS) attack via a crafted LLDP packet. low complexity zyxel CWE-79	4.3
2019-11-14	CVE-2019-15802	Use of Hard-coded Credentials vulnerability in Zyxel products An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. network high complexity zyxel CWE-798	5.9