Vulnerabilities > Zyxel > Uag5100 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-06-27 CVE-2019-12581 Cross-site Scripting vulnerability in Zyxel products
A reflective Cross-site scripting (XSS) vulnerability in the free_time_failed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or HTML via the err_msg parameter.
network
low complexity
zyxel CWE-79
6.1