CVE-2008-2167

Name of the Vulnerable Software and Affected Versions ZyXEL ZyWALL USG 300 (affected versions not specified) ZyXEL ZyWALL 100 (affected versions not specified)

Description The issue allows a remote attacker to inject arbitrary web script or HTML via the Referer header, which is not properly handled on the 404 Error page. This can lead to a disruption in the integrity of the data processed by the web server. The exploitation of this issue can be done through cross-site scripting.

Recommendations For ZyXEL ZyWALL USG 300, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For ZyXEL ZyWALL 100, at the moment, there is no information about a newer version that contains a fix for this vulnerability.