cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-46387,https://securityvulnerability.io/vulnerability/CVE-2021-46387,Cross Site Scripting Vulnerability in ZyXEL ZyWALL 2 Plus Security Appliance,"The ZyXEL ZyWALL 2 Plus Internet Security Appliance is susceptible to a Cross Site Scripting (XSS) vulnerability due to improper handling of URIs. This flaw allows attackers to bypass security restrictions, enabling them to inject and execute arbitrary JavaScript code. Such exploitation can lead to severe consequences, including clipboard hijacking, session hijacking, and unauthorized access to sensitive user information. Effective remediation is imperative to safeguard the integrity of network communications.",Zyxel,Zywall 2 Plus Internet Security Appliance Firmware,6.1,MEDIUM,0.257779985666275,false,,false,false,false,,,false,false,,2022-03-01T14:04:41.000Z,0
CVE-2007-4319,https://securityvulnerability.io/vulnerability/CVE-2007-4319,,"The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service (infinite reboot loop) via invalid configuration data.  NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF; if so, then it should not be included in CVE.",Zyxel,"Zynos,Zywall 2",,,0.007360000163316727,false,,false,false,false,,,false,false,,2007-08-13T21:00:00.000Z,0
CVE-2007-4316,https://securityvulnerability.io/vulnerability/CVE-2007-4316,,"The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions.",Zyxel,"Zynos,Zywall 2",,,0.018139999359846115,false,,false,false,false,,,false,false,,2007-08-13T21:00:00.000Z,0
CVE-2007-4317,https://securityvulnerability.io/vulnerability/CVE-2007-4317,,"Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General_1 with the (1) sysSystemName and (2) sysDomainName parameters.",Zyxel,"Zynos,Zywall 2",,,0.014050000347197056,false,,false,false,false,,,false,false,,2007-08-13T21:00:00.000Z,0
CVE-2007-4318,https://securityvulnerability.io/vulnerability/CVE-2007-4318,,Cross-site scripting (XSS) vulnerability in Forms/General_1 in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter.,Zyxel,"Zynos,Zywall 2",,,0.018850000575184822,false,,false,false,false,,,false,false,,2007-08-13T21:00:00.000Z,0