A cross-site scripting (XSS) vulnerability in Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.13)C0, which could allow an attacker to store malicious scripts in the Logs page of the GUI on a vulnerable device. A successful XSS attack could force an authenticated user to execute the stored malicious scripts and then result in a denial-of-service (DoS) condition when the user visits the Logs page of the GUI on the device.
History

Fri, 06 Dec 2024 07:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:H'}

cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Zyxel

Published: 2023-02-07T00:00:00

Updated: 2024-12-06T06:40:06.327Z

Reserved: 2022-11-15T00:00:00

Link: CVE-2022-45441

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-02-07T02:15:07.967

Modified: 2024-12-06T07:15:05.190

Link: CVE-2022-45441

cve-icon Redhat

No data.