Details of VAR-202107-0888

ID

VAR-202107-0888

CVE

CVE-2021-35029

TITLE

plural Zyxel Firmware authentication vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-008898

DESCRIPTION

An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device. plural Zyxel There is an authentication vulnerability in the firmware.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Trust: 1.71

sources: NVD: CVE-2021-35029 // JVNDB: JVNDB-2021-008898 // VULMON: CVE-2021-35029

AFFECTED PRODUCTS

vendor:	zyxel	model:	usg310	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg310	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	usg flex 100	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg flex 200	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg flex 700	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	zywall atp100w	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	zywall atp100w	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg flex 100	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg flex 700	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg60w	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	zywall atp100	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	zywall vpn300	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg20w-vpn	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg2200-vpn	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	zywall 110	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg100	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg60w	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	zywall atp100	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg2200-vpn	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg100	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	usg300	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	usg flex 200	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg110	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	usg40	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	usg40w	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	zywall vpn50	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	zywall atp200	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	zywall 1100	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg300	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg1000	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	zywall vpn300	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	zywall 110	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg110	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg1100	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg1000	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	usg40w	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg40	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	zywall atp200	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg1100	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	zywall atp700	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	zywall atp800	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	zywall atp800	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	zywall vpn50	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	zywall 1100	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg200	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg200	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	zywall atp700	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg60	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg1900	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	usg60	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	usg20w	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	zywall atp500	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg20-vpn	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg flex 500	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	zywall atp500	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg20-vpn	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg1900	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg210	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg20w	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg20	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	usg50	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg flex 500	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg210	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	usg50	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	zywall vpn100	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg flex 100w	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	zywall vpn100	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	zywall 310	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg flex 100w	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	zywall 310	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg2000	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg20	scope:	gte	version:	4.35	Trust: 1.0
vendor:	zyxel	model:	usg20w-vpn	scope:	lte	version:	5.01	Trust: 1.0
vendor:	zyxel	model:	usg2000	scope:	lte	version:	4.64	Trust: 1.0
vendor:	zyxel	model:	usg210	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	usg1900	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	usg40	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	usg60	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	usg40w	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	usg110	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	usg300	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	usg310	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	usg60w	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	usg1100	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-008898 // NVD: CVE-2021-35029

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-35029
value:	CRITICAL
Trust: 1.0
security@zyxel.com.tw:	CVE-2021-35029
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2021-35029
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-202107-147
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2021-35029
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-35029
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2021-35029
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 2.0
OTHER:	JVNDB-2021-008898
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2021-35029 // JVNDB: JVNDB-2021-008898 // CNNVD: CNNVD-202107-147 // NVD: CVE-2021-35029 // NVD: CVE-2021-35029

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.0
problemtype:	Improper authentication (CWE-287) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-008898 // NVD: CVE-2021-35029

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202107-147

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202107-147

PATCH

title:	Zyxel security advisory for attacks against security appliances	url:	https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml	Trust: 0.8
title:	ZyXEL ZyWALL USG Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=155962	Trust: 0.6

sources: JVNDB: JVNDB-2021-008898 // CNNVD: CNNVD-202107-147

EXTERNAL IDS

db:	NVD	id:	CVE-2021-35029	Trust: 3.3
db:	JVNDB	id:	JVNDB-2021-008898	Trust: 0.8
db:	CNNVD	id:	CNNVD-202107-147	Trust: 0.6
db:	VULMON	id:	CVE-2021-35029	Trust: 0.1

sources: VULMON: CVE-2021-35029 // JVNDB: JVNDB-2021-008898 // CNNVD: CNNVD-202107-147 // NVD: CVE-2021-35029

REFERENCES

url:	https://www.zyxel.com/support/zyxel_security_advisory_for_attacks_against_security_appliances.shtml	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-35029	Trust: 1.4
url:	https://cwe.mitre.org/data/definitions/287.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2021-35029 // JVNDB: JVNDB-2021-008898 // CNNVD: CNNVD-202107-147 // NVD: CVE-2021-35029

SOURCES

db:	VULMON	id:	CVE-2021-35029
db:	JVNDB	id:	JVNDB-2021-008898
db:	CNNVD	id:	CNNVD-202107-147
db:	NVD	id:	CVE-2021-35029

LAST UPDATE DATE

2024-08-14T15:38:00.341000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2021-35029	date:	2021-07-08T00:00:00
db:	JVNDB	id:	JVNDB-2021-008898	date:	2022-03-31T04:46:00
db:	CNNVD	id:	CNNVD-202107-147	date:	2021-07-09T00:00:00
db:	NVD	id:	CVE-2021-35029	date:	2021-07-08T18:20:48.127

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2021-35029	date:	2021-07-02T00:00:00
db:	JVNDB	id:	JVNDB-2021-008898	date:	2022-03-31T00:00:00
db:	CNNVD	id:	CNNVD-202107-147	date:	2021-07-02T00:00:00
db:	NVD	id:	CVE-2021-35029	date:	2021-07-02T11:15:08.930