Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-35036
HistoryMar 01, 2022 - 7:15 a.m.

CVE-2021-35036

2022-03-0107:15:06
CWE-312
[email protected]
web.nvd.nist.gov
47
cve-2021-35036
zyxel vmg3625-t50b
firmware vulnerability
cleartext storage
information security

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.1%

JSON

A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.

Affected configurations

NVD
Node
zyxelax7501-b0_firmwareRange<5.17\(abpc.2\)c0
AND
zyxelax7501-b0Match-
Node
zyxeldx3301-t0_firmwareRange<5.50\(abvy.3\)c0
AND
zyxeldx3301-t0Match-
Node
zyxeldx5401-b0_firmwareRange<5.17\(abyo.2\)c0
AND
zyxeldx5401-b0Match-
Node
zyxelemg3525-t50b_firmwareRange<5.50\(abpm.7\)c0
AND
zyxelemg3525-t50bMatch-
Node
zyxelemg5523-t50b_firmwareRange<5.50\(abpm.7\)c0
AND
zyxelemg5523-t50bMatch-
Node
zyxelemg5723-t50k_firmwareRange<5.50\(abom.8\)c0
AND
zyxelemg5723-t50kMatch-
Node
zyxelep240p_firmwareRange<5.40\(abvh.0\)c0a03
AND
zyxelep240pMatch-
Node
zyxelex5401-b0_firmwareRange<5.17\(abyo.2\)c0
AND
zyxelex5401-b0Match-
Node
zyxelex5501-b0_firmwareRange<5.17\(abry.3\)c0
AND
zyxelex5501-b0Match-
Node
zyxellte3301-plus_firmwareRange<1.00\(abqu.6\)c0
AND
zyxellte3301-plusMatch-
Node
zyxellte5388-m804_firmwareRange<1.00\(abra.6\)c0
AND
zyxellte5388-m804Match-
Node
zyxellte5388-s905_firmwareRange<1.00\(abvi.6\)c0
AND
zyxellte5388-s905Match-
Node
zyxellte5398-m904_firmwareRange<1.00\(abqv.2\)c0
AND
zyxellte5398-m904Match-
Node
zyxellte7240-m403_firmwareRange<2.00\(abmg.6\)c0
AND
zyxellte7240-m403Match-
Node
zyxellte7461-m602_firmwareRange<2.00\(abqn.6\)c0
AND
zyxellte7461-m602Match-
Node
zyxellte7480-m804_firmwareRange<1.00\(abra.6\)c0
AND
zyxellte7480-m804Match-
Node
zyxellte7480-s905_firmwareRange<2.00\(abqt.6\)c0
AND
zyxellte7480-s905Match-
Node
zyxellte7485-s905_firmwareRange<1.00\(abvn.6\)c0
AND
zyxellte7485-s905Match-
Node
zyxellte7490-m804_firmwareRange<v1.00\(abqy.5\)c0
AND
zyxellte7490-m804Match-
Node
zyxelnr5101_firmwareRange<1.00\(abvc.6\)c0
AND
zyxelnr5101Match-
Node
zyxelnr7101_firmwareRange<1.00\(abuv.7\)c0
AND
zyxelnr7101Match-
Node
zyxelnr7102_firmwareRange<1.00\(abyd.2\)c0
AND
zyxelnr7102Match-
Node
zyxelpm7300-t0_firmwareRange<5.42\(acbc.1\)c0
AND
zyxelpm7300-t0Match-
Node
zyxelpmg5317-t20b_firmwareRange<5.40\(abki.4\)c0
AND
zyxelpmg5317-t20bMatch-
Node
zyxelpmg5617-t20b2_firmwareRange<5.41\(acbb.1\)c0
AND
zyxelpmg5617-t20b2Match-
Node
zyxelpmg5617ga_firmwareRange<5.40\(abna.2\)c0
AND
zyxelpmg5617gaMatch-
Node
zyxelpmg5622ga_firmwareRange<5.40\(abnb.2\)c0
AND
zyxelpmg5622gaMatch-
Node
zyxelvmg3625-t50b_firmwareRange<5.50\(abtl.0\)b2r
AND
zyxelvmg3625-t50bMatch-
Node
zyxelvmg3927-t50k_firmwareRange<5.50\(abom.8\)c0
AND
zyxelvmg3927-t50kMatch-
Node
zyxelvmg8623-t50b_firmwareRange<5.50\(abpm.7\)c0
AND
zyxelvmg8623-t50bMatch-
Node
zyxelvmg8825-t50k_firmwareRange<5.50\(abom.8\)c0
AND
zyxelvmg8825-t50kMatch-
Node
zyxelvmg3625-t50b_firmwareRange<5.50\(accr.0\)b4central_america
AND
zyxelvmg3625-t50bMatch-
Node
zyxelvmg3625-t50b_firmwareRange<5.50\(abpm.7\)c0emea
AND
zyxelvmg3625-t50bMatch-

CNA Affected

[
  {
    "product": "VMG3625-T50B firmware",
    "vendor": "Zyxel",
    "versions": [
      {
        "status": "affected",
        "version": "V5.50(ABTL.0)b2k"
      }
    ]
  }
]

Related

prion 1
cvelist 1
nvd 1
prion
prion
Information disclosure
2022-03-01 07:15:00
cvelist
cvelist
CVE-2021-35036
2022-03-01 06:20:12
nvd
nvd
CVE-2021-35036
2022-03-01 07:15:06

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.1%

JSON
Related for CVE-2021-35036
prion1cvelist1nvd1