{"cve":{"cve_id":"CVE-2022-0734","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.0836,"epss_percentile":0.94238,"epss_as_of":"2026-06-23","description":"A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could allow an attacker to obtain some information stored in the user's browser, such as cookies or session tokens, via a malicious script.","published_at":"2022-05-24T02:10:12Z","last_modified_at":null,"cvss_v3_score":5.8,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-79"],"nvd_references":["https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:16:42.961600Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"C","value_label":"Changed"},{"metric":"C","name":"Confidentiality","value":"L","value_label":"Low"},{"metric":"I","name":"Integrity","value":"N","value_label":"None"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"zyxel","vendor_name":"Zyxel","product_slug":"atp-series-firmware","product_name":"ATP series firmware","version_start":"4.35 through 5.20","version_start_inclusive":true,"version_end":"4.35 through 5.20","version_end_inclusive":true,"cpe23_uri":"cve5:zyxel:atp-series-firmware:4.35 through 5.20:4.35 through 5.20"},{"vendor_slug":"zyxel","vendor_name":"Zyxel","product_slug":"usg-flex-series-firmware","product_name":"USG FLEX series firmware","version_start":"4.50 through 5.20","version_start_inclusive":true,"version_end":"4.50 through 5.20","version_end_inclusive":true,"cpe23_uri":"cve5:zyxel:usg-flex-series-firmware:4.50 through 5.20:4.50 through 5.20"},{"vendor_slug":"zyxel","vendor_name":"Zyxel","product_slug":"usg-zywall-series-firmware","product_name":"USG/ZyWALL series firmware","version_start":"4.35 through 4.70","version_start_inclusive":true,"version_end":"4.35 through 4.70","version_end_inclusive":true,"cpe23_uri":"cve5:zyxel:usg-zywall-series-firmware:4.35 through 4.70:4.35 through 4.70"},{"vendor_slug":"zyxel","vendor_name":"Zyxel","product_slug":"vpn-series-firmware","product_name":"VPN series firmware","version_start":"4.35 through 5.20","version_start_inclusive":true,"version_end":"4.35 through 5.20","version_end_inclusive":true,"cpe23_uri":"cve5:zyxel:vpn-series-firmware:4.35 through 5.20:4.35 through 5.20"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2022-05-24T02:10:12Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:20:30.331561Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:20:30.331561Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:20:30.331561Z","label":"CVSS score revised","source":"cvelistv5"}]}