{"vulnerability": "cve-2021-3503", "sightings": [{"uuid": "ec03d352-7895-4e6a-afca-2e4ae034d5e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35036", "type": "seen", "source": "https://t.me/cibsecurity/38251", "content": "\u203c CVE-2021-35036 \u203c\n\nA command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could allow an attacker to execute arbitrary OS commands on the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-01T12:23:58.000000Z"}, {"uuid": "4d4f8555-4efc-47fa-aa3a-196669266180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3503", "type": "seen", "source": "https://t.me/cibsecurity/41045", "content": "\u203c CVE-2021-3503 \u203c\n\nA flaw was found in Wildfly where insufficient RBAC restrictions may lead to expose metrics data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-18T20:29:46.000000Z"}, {"uuid": "d97b1f27-0054-4a13-a14c-af93876b62bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35030", "type": "seen", "source": "https://t.me/cibsecurity/26479", "content": "\u203c CVE-2021-35030 \u203c\n\nA vulnerability was found in the CGI program in Zyxel GS1900-8 firmware version V2.60, that did not properly sterilize packet contents and could allow an authenticated, local user to perform a cross-site scripting (XSS) attack via a crafted LLDP packet.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-26T16:11:23.000000Z"}, {"uuid": "bad73f02-88d8-4939-b0d7-0c115858b45b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35035", "type": "seen", "source": "https://t.me/cibsecurity/34733", "content": "\u203c CVE-2021-35035 \u203c\n\nA cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-29T16:25:54.000000Z"}, {"uuid": "bfa772c7-754c-453a-9204-1096bad4b938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35034", "type": "seen", "source": "https://t.me/cibsecurity/34734", "content": "\u203c CVE-2021-35034 \u203c\n\nAn insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-29T16:25:55.000000Z"}, {"uuid": "d0b5fec7-2f6b-4bde-8529-b85cf4539718", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35039", "type": "seen", "source": "https://t.me/cibsecurity/25949", "content": "\u203c CVE-2021-35039 \u203c\n\nkernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-07T07:37:22.000000Z"}, {"uuid": "6d5b6126-1bac-428d-9668-f27f13499bb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35036", "type": "seen", "source": "https://bsky.app/profile/getpacketai.bsky.social/post/3mmoxcast6o2h", "content": "Zyxel router flaw let unprivileged users pull super-admin passwords and management secrets. New technical breakdown of CVE-2021-35036 shows the access\u2026\n\nhttps://www.reddit.com/r/netsec/comments/1tkkq0m/zyxel_lowpriv_account_leaked_superadmin_ftps_and/\n\n#cybersecurity #infosec", "creation_timestamp": "2026-05-25T17:00:23.338947Z"}, {"uuid": "466bd6bc-532c-4190-9694-80a998993198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2021-35036", "type": "seen", "source": "https://bsky.app/profile/securitycipher.bsky.social/post/3mmgziloe5e2g", "content": "CVE-2021\u201335036: Super-Admin Password Leak Affecting Zyxel CPE/ONT/LTE Fleet\n\nhttps://medium.com/@monxresearch/cve-2021-35036-super-admin-password-leak-affecting-zyxel-cpe-ont-lte-fleet-6549d72d0f3d?source=rss------bug_bounty-5", "creation_timestamp": "2026-05-22T13:18:25.710222Z"}]}