Vulnerabilites related to zyxel - usg1000
Vulnerability from fkie_nvd
Published
2021-07-02 11:15
Modified
2024-11-21 06:11
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg1900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0AB64698-F450-405C-9D27-EE5A34466835", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*", matchCriteriaId: "60F4E816-C4D3-451A-965C-45387D7DEB5B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg1100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "37AB8F08-EEEB-4318-8A5F-10211B61E852", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*", matchCriteriaId: "4B68C4BD-3279-47AB-AC2A-7555163B12E2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3ED3A6D-68BC-48F6-AC34-99C5C012AF85", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*", matchCriteriaId: "F302801D-3720-4598-8458-A8938BD6CB46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D5C0676F-CA90-4E29-8131-AD2026E8E79D", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*", matchCriteriaId: "EAFF1122-755A-4531-AA2E-FD6E8478F92F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg110_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F17EF47-19AE-40BC-B547-B5900CC6D627", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*", matchCriteriaId: "4834AC5E-884D-4A1C-A39B-B3F4A281E3CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9DED36D6-2286-4CDF-BACF-48403F3FCCE0", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*", matchCriteriaId: "5CCD2777-CC85-4BAA-B16B-19C2DB8DB742", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E355564-3F7A-4EE4-AD65-A84B78BB5395", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*", matchCriteriaId: "0906F3FA-793B-421D-B957-7E9C18C1AEC0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23F9913B-2AE5-4B07-9EED-5A5F18B3F541", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*", matchCriteriaId: "26900300-1325-4C8A-BC3B-A10233B2462A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2D485C08-FC2E-4569-BB49-249F7BDA149C", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*", matchCriteriaId: "A5A7555E-BC29-460C-A701-7DCDEAFE67F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6AB1AAB7-AACC-4535-8C30-2D1FF7B2D647", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*", matchCriteriaId: "CC3082ED-A564-494D-8427-B61F15F6DD88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9755AA21-D626-453A-A7E1-0069832E861A", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg1000:-:*:*:*:*:*:*:*", matchCriteriaId: "6626D8CA-2E58-46F7-9592-4922A3E6DF79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C6EDA25D-48DE-4B4A-9792-D9587A6FB8FC", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg2000:-:*:*:*:*:*:*:*", matchCriteriaId: "748C9FE8-E66D-480F-9688-75E563332A23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AC24EC0-FA7F-4500-A9CB-4854286DD67D", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*", matchCriteriaId: "3F5C3A2C-12EA-4FAE-B088-665A90494685", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg20w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01B72080-1F0E-484D-8929-67BC2585E62B", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg20w:-:*:*:*:*:*:*:*", matchCriteriaId: "B44BD562-5D3A-4E4F-B648-6E2D1F0B02C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ABDA4AA0-FE83-400C-A7AE-001611225552", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg50:-:*:*:*:*:*:*:*", matchCriteriaId: "FE138A97-1AB8-493D-92AA-276DFA40E14F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6EAAF268-7195-4884-B90E-93054A8CAC95", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg100:-:*:*:*:*:*:*:*", matchCriteriaId: "656D8467-02C4-43F6-A64B-998300D71814", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF8B5062-6330-4369-9D7F-EA54E6A990E9", versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*", matchCriteriaId: "3F7F15F3-9A55-462F-8AE3-EE71B759DE68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6718F421-40F9-4599-9720-9F3461AD0693", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", matchCriteriaId: "2B30A4C0-9928-46AD-9210-C25656FB43FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE8626E7-8B32-4F54-9078-2C7E182783F7", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", matchCriteriaId: "F93B6A06-2951-46D2-A7E1-103D7318D612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D39FB8E-FF0D-40D2-A92D-FB1B2C89D29D", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", matchCriteriaId: "92C697A5-D1D3-4FF0-9C43-D27B18181958", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "686F56DF-BE47-4A17-A275-F7F0F38A16CF", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", matchCriteriaId: "D74ABA7E-AA78-4A13-A64E-C44021591B42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "789C6F4B-1592-40C2-9DE1-1C436F6F2A2B", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5B332B58-AF42-45E3-B224-9AD745485A14", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*", matchCriteriaId: "A899D2DE-8C74-4EA1-BD87-B8BF37CBFB6D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A33C164A-F565-47AB-8F8C-3D418F36638B", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F65954-FF1A-46A4-A003-FF8B9666880A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "817D54B2-A13E-4105-B63D-A0474BC63CD7", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*", matchCriteriaId: "A4F6D0AA-CDD4-4F1C-98F1-1B381023B3F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF1F9383-C537-4B57-B3B1-61F5E7165642", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*", matchCriteriaId: "AA85BCA2-CEF5-44EF-BEFB-5DA2638F5F37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B9AF0390-357C-4249-A7CF-EE902836A2FE", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*", matchCriteriaId: "D50CC94B-4EAA-44A7-AEF1-415491572FB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FECB2D46-3776-4059-8F01-164641965C84", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*", matchCriteriaId: "3EC7EB91-65C4-45EA-9CB4-3B3961724DCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EA23975-C587-4BC1-986A-55DA451A05CB", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*", matchCriteriaId: "D902D9D2-5215-4A70-9D16-F1C3BA10EE18", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "24FD0B6C-EA3E-4AAC-BCFD-A58F0996988E", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*", matchCriteriaId: "6762B13C-6FD5-49D7-B2D6-4986BAC3D425", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC931102-95D8-4BF4-AA6B-F8F6CC4024C7", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*", matchCriteriaId: "E7C35A94-304B-46FB-BAA0-4E0C4F34BEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05F5F64E-3020-4453-A183-454EF80025A7", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "7239C54F-EC9E-44B4-AE33-1D36E5448219", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4ECA11E7-4DCE-4030-9602-F7336A434817", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "06D2AD3A-9197-487D-A267-24DE332CC66B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:usg2200-vpn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F0ED8D58-62BA-4225-8C68-0E8D75FB936C", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*", matchCriteriaId: "68CB2401-479A-4124-B03F-589D7C1061FF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E4763C9-EC74-4CAE-8A72-162E51ABBA9E", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*", matchCriteriaId: "145E41D9-E376-4B8E-A34F-F2C7ECFD649D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3D54C6A9-B282-4B5C-BAB0-24FB03415FA4", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*", matchCriteriaId: "B40C703E-C7C0-4B49-A336-83853D3E8C31", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8A67D33-EF8E-4B70-891A-51DD5B4680D8", versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*", matchCriteriaId: "BCE32A1C-A730-4893-BCB9-F753F8E65440", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device.", }, { lang: "es", value: "Una vulnerabilidad de omisión de la autenticación en la interfaz de administración basada en web de Zyxel USG/Zywall series versiones de firmware 4.35 hasta 4.64 y USG Flex, ATP, y VPN versiones de firmware 4.35 hasta 5.01, que podría permitir a un atacante remoto ejecutar comandos arbitrarios en un dispositivo afectado", }, ], id: "CVE-2021-35029", lastModified: "2024-11-21T06:11:42.280", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "security@zyxel.com.tw", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-07-02T11:15:08.930", references: [ { source: "security@zyxel.com.tw", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml", }, ], sourceIdentifier: "security@zyxel.com.tw", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "security@zyxel.com.tw", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
CVE-2021-35029 (GCVE-0-2021-35029)
Vulnerability from cvelistv5
Published
2021-07-02 10:29
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Zyxel | USG/Zywall series Firmware |
Version: 4.35 through 4.64 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:33:49.831Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "USG/Zywall series Firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.35 through 4.64", }, ], }, { product: "USG FLEX series Firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.35 through 5.01", }, ], }, { product: "ATP series Firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.35 through 5.01", }, ], }, { product: "VPN series Firmware", vendor: "Zyxel", versions: [ { status: "affected", version: "4.35 through 5.01", }, ], }, ], descriptions: [ { lang: "en", value: "An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "CWE-287: Improper Authentication", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-02T10:29:07", orgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", shortName: "Zyxel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@zyxel.com.tw", ID: "CVE-2021-35029", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "USG/Zywall series Firmware", version: { version_data: [ { version_value: "4.35 through 4.64", }, ], }, }, { product_name: "USG FLEX series Firmware", version: { version_data: [ { version_value: "4.35 through 5.01", }, ], }, }, { product_name: "ATP series Firmware", version: { version_data: [ { version_value: "4.35 through 5.01", }, ], }, }, { product_name: "VPN series Firmware", version: { version_data: [ { version_value: "4.35 through 5.01", }, ], }, }, ], }, vendor_name: "Zyxel", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device.", }, ], }, impact: { cvss: { baseScore: "9.8", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-287: Improper Authentication", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml", refsource: "MISC", url: "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "96e50032-ad0d-4058-a115-4d2c13821f9f", assignerShortName: "Zyxel", cveId: "CVE-2021-35029", datePublished: "2021-07-02T10:29:07", dateReserved: "2021-06-17T00:00:00", dateUpdated: "2024-08-04T00:33:49.831Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-202107-0888
Vulnerability from variot
An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device. plural Zyxel There is an authentication vulnerability in the firmware.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202107-0888", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "usg60w", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg2200-vpn", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg50", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "usg flex 100w", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg210", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "zywall atp100w", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "zywall vpn300", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg210", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg40", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "usg100", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "usg310", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "usg40", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg flex 100", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg40w", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "zywall atp200", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "zywall atp700", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg40w", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg1100", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "usg200", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "usg110", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg1100", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg300", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "usg110", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "usg200", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg100", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg1900", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "zywall vpn50", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg310", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg2000", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "usg flex 700", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "zywall atp100", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg2000", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "zywall atp500", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "zywall atp800", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "zywall vpn300", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "zywall 310", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg flex 200", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "zywall 110", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg300", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg flex 500", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "zywall vpn100", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg1900", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg flex 100w", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg2200-vpn", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg60", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "zywall vpn50", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg20-vpn", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "zywall atp500", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg20", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "zywall atp200", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg20", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "zywall 1100", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg flex 500", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg60", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "zywall 1100", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg flex 100", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg flex 700", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "zywall atp700", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg20w-vpn", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg20w", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "zywall atp800", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg20-vpn", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg1000", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "usg60w", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "usg20w-vpn", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "zywall 110", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "zywall 310", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "zywall atp100w", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg20w", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "usg50", scope: "gte", trust: 1, vendor: "zyxel", version: "4.35", }, { model: "zywall atp100", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "zywall vpn100", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg1000", scope: "lte", trust: 1, vendor: "zyxel", version: "4.64", }, { model: "usg flex 200", scope: "lte", trust: 1, vendor: "zyxel", version: "5.01", }, { model: "usg210", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "usg1900", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "usg40", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "usg60", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "usg40w", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "usg110", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "usg300", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "usg310", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "usg60w", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: "usg1100", scope: null, trust: 0.8, vendor: "zyxel", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-008898", }, { db: "NVD", id: "CVE-2021-35029", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg1900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg1100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg110_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg1000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg1000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg2000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg2000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg20w_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg20w:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.64", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:usg2200-vpn_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.01", versionStartIncluding: "4.35", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2021-35029", }, ], }, cve: "CVE-2021-35029", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2021-35029", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "OTHER", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2021-008898", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2021-35029", trust: 1.8, value: "CRITICAL", }, { author: "security@zyxel.com.tw", id: "CVE-2021-35029", trust: 1, value: "CRITICAL", }, { author: "CNNVD", id: "CNNVD-202107-147", trust: 0.6, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2021-35029", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2021-35029", }, { db: "JVNDB", id: "JVNDB-2021-008898", }, { db: "NVD", id: "CVE-2021-35029", }, { db: "NVD", id: "CVE-2021-35029", }, { db: "CNNVD", id: "CNNVD-202107-147", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device. plural Zyxel There is an authentication vulnerability in the firmware.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state", sources: [ { db: "NVD", id: "CVE-2021-35029", }, { db: "JVNDB", id: "JVNDB-2021-008898", }, { db: "VULMON", id: "CVE-2021-35029", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-35029", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2021-008898", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202107-147", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-35029", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2021-35029", }, { db: "JVNDB", id: "JVNDB-2021-008898", }, { db: "NVD", id: "CVE-2021-35029", }, { db: "CNNVD", id: "CNNVD-202107-147", }, ], }, id: "VAR-202107-0888", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.33796898636363637, }, last_update_date: "2023-12-18T12:42:25.647000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Zyxel security advisory for attacks against security appliances", trust: 0.8, url: "https://www.zyxel.com/support/zyxel_security_advisory_for_attacks_against_security_appliances.shtml", }, { title: "ZyXEL ZyWALL USG Remediation measures for authorization problem vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=155962", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-008898", }, { db: "CNNVD", id: "CNNVD-202107-147", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-287", trust: 1, }, { problemtype: "Improper authentication (CWE-287) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-008898", }, { db: "NVD", id: "CVE-2021-35029", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://www.zyxel.com/support/zyxel_security_advisory_for_attacks_against_security_appliances.shtml", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-35029", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/287.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2021-35029", }, { db: "JVNDB", id: "JVNDB-2021-008898", }, { db: "NVD", id: "CVE-2021-35029", }, { db: "CNNVD", id: "CNNVD-202107-147", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2021-35029", }, { db: "JVNDB", id: "JVNDB-2021-008898", }, { db: "NVD", id: "CVE-2021-35029", }, { db: "CNNVD", id: "CNNVD-202107-147", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-07-02T00:00:00", db: "VULMON", id: "CVE-2021-35029", }, { date: "2022-03-31T00:00:00", db: "JVNDB", id: "JVNDB-2021-008898", }, { date: "2021-07-02T11:15:08.930000", db: "NVD", id: "CVE-2021-35029", }, { date: "2021-07-02T00:00:00", db: "CNNVD", id: "CNNVD-202107-147", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-07-08T00:00:00", db: "VULMON", id: "CVE-2021-35029", }, { date: "2022-03-31T04:46:00", db: "JVNDB", id: "JVNDB-2021-008898", }, { date: "2021-07-08T18:20:48.127000", db: "NVD", id: "CVE-2021-35029", }, { date: "2021-07-09T00:00:00", db: "CNNVD", id: "CNNVD-202107-147", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202107-147", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Zyxel Firmware authentication vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2021-008898", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "authorization issue", sources: [ { db: "CNNVD", id: "CNNVD-202107-147", }, ], trust: 0.6, }, }