CVE-2021-35033
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A vulnerability in specific versions of Zyxel NBG6818, NBG7815, WSQ20, WSQ50, WSQ60, and WSR30 firmware with pre-configured password management could allow an attacker to obtain root access of the device, if the local attacker dismantles the device and uses a USB-to-UART cable to connect the device, or if the remote assistance feature had been enabled by an authenticated user.
Una vulnerabilidad en versiones específicas del firmware de Zyxel NBG6818, NBG7815, WSQ20, WSQ50, WSQ60 y WSR30 con administación de contraseñas preconfigurada podría permitir a un atacante obtener acceso root del dispositivo, si el atacante local desmonta el dispositivo y usa un cable USB a UART para conectarlo, o si la funcionalidad remote assistance ha sido habilitada por un usuario autenticado
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-06-17 CVE Reserved
- 2021-11-23 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-260: Password in Configuration File
- CWE-287: Improper Authentication
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.tenable.com/security/research/tra-2022-06 | 2024-08-04 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Zyxel Search vendor "Zyxel" | Nbg6818 Firmware Search vendor "Zyxel" for product "Nbg6818 Firmware" | < 1.00\(absc.5\)c0 Search vendor "Zyxel" for product "Nbg6818 Firmware" and version " < 1.00\(absc.5\)c0" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nbg6818 Search vendor "Zyxel" for product "Nbg6818" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nbg7815 Firmware Search vendor "Zyxel" for product "Nbg7815 Firmware" | < 1.00\(absk.7\)c0 Search vendor "Zyxel" for product "Nbg7815 Firmware" and version " < 1.00\(absk.7\)c0" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nbg7815 Search vendor "Zyxel" for product "Nbg7815" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wsq20 Firmware Search vendor "Zyxel" for product "Wsq20 Firmware" | < 1.00\(abof.11\)c0 Search vendor "Zyxel" for product "Wsq20 Firmware" and version " < 1.00\(abof.11\)c0" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wsq20 Search vendor "Zyxel" for product "Wsq20" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wsq50 Firmware Search vendor "Zyxel" for product "Wsq50 Firmware" | < 2.20\(abkj.7\)c0 Search vendor "Zyxel" for product "Wsq50 Firmware" and version " < 2.20\(abkj.7\)c0" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wsq50 Search vendor "Zyxel" for product "Wsq50" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wsq60 Firmware Search vendor "Zyxel" for product "Wsq60 Firmware" | < 2.20\(abnd.8\)c0 Search vendor "Zyxel" for product "Wsq60 Firmware" and version " < 2.20\(abnd.8\)c0" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wsq60 Search vendor "Zyxel" for product "Wsq60" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wsr30 Firmware Search vendor "Zyxel" for product "Wsr30 Firmware" | < 1.00\(abmy.12\)c0 Search vendor "Zyxel" for product "Wsr30 Firmware" and version " < 1.00\(abmy.12\)c0" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wsr30 Search vendor "Zyxel" for product "Wsr30" | - | - |
Safe
|