CVE-2021-35029
Published on: 07/02/2021 12:00:00 AM UTC
Last Modified on: 07/08/2021 06:20:00 PM UTC
Certain versions of Usg100 from Zyxel contain the following vulnerability:
An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device.
- CVE-2021-35029 has been assigned by
[email protected] to track the vulnerability - currently rated as CRITICAL severity.
- Affected Vendor/Software:
Zyxel - USG/Zywall series Firmware version 4.35 through 4.64
- Affected Vendor/Software:
Zyxel - USG FLEX series Firmware version 4.35 through 5.01
- Affected Vendor/Software:
Zyxel - ATP series Firmware version 4.35 through 5.01
- Affected Vendor/Software:
Zyxel - VPN series Firmware version 4.35 through 5.01
CVSS3 Score: 9.8 - CRITICAL
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
NETWORK | LOW | NONE | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 7.5 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | PARTIAL | PARTIAL |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
404 Error | Zyxel | www.zyxel.com text/html |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Hardware
| Zyxel | Usg100 | - | All | All | All |
Hardware
| Zyxel | Usg1000 | - | All | All | All |
Operating System | Zyxel | Usg1000 Firmware | All | All | All | All |
Operating System | Zyxel | Usg100 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg110 | - | All | All | All |
Hardware
| Zyxel | Usg1100 | - | All | All | All |
Operating System | Zyxel | Usg1100 Firmware | All | All | All | All |
Operating System | Zyxel | Usg110 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg1900 | - | All | All | All |
Operating System | Zyxel | Usg1900 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg20 | - | All | All | All |
Hardware
| Zyxel | Usg20-vpn | - | All | All | All |
Operating System | Zyxel | Usg20-vpn Firmware | All | All | All | All |
Hardware
| Zyxel | Usg200 | - | All | All | All |
Hardware
| Zyxel | Usg2000 | - | All | All | All |
Operating System | Zyxel | Usg2000 Firmware | All | All | All | All |
Operating System | Zyxel | Usg200 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg20w | - | All | All | All |
Hardware
| Zyxel | Usg20w-vpn | - | All | All | All |
Operating System | Zyxel | Usg20w-vpn Firmware | All | All | All | All |
Operating System | Zyxel | Usg20w Firmware | All | All | All | All |
Operating System | Zyxel | Usg20 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg210 | - | All | All | All |
Operating System | Zyxel | Usg210 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg2200-vpn | - | All | All | All |
Operating System | Zyxel | Usg2200-vpn Firmware | All | All | All | All |
Hardware
| Zyxel | Usg300 | - | All | All | All |
Operating System | Zyxel | Usg300 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg310 | - | All | All | All |
Operating System | Zyxel | Usg310 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg40 | - | All | All | All |
Hardware
| Zyxel | Usg40w | - | All | All | All |
Operating System | Zyxel | Usg40w Firmware | All | All | All | All |
Operating System | Zyxel | Usg40 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg50 | - | All | All | All |
Operating System | Zyxel | Usg50 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg60 | - | All | All | All |
Hardware
| Zyxel | Usg60w | - | All | All | All |
Operating System | Zyxel | Usg60w Firmware | All | All | All | All |
Operating System | Zyxel | Usg60 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg Flex 100 | - | All | All | All |
Hardware
| Zyxel | Usg Flex 100w | - | All | All | All |
Operating System | Zyxel | Usg Flex 100w Firmware | All | All | All | All |
Operating System | Zyxel | Usg Flex 100 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg Flex 200 | - | All | All | All |
Operating System | Zyxel | Usg Flex 200 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg Flex 500 | - | All | All | All |
Operating System | Zyxel | Usg Flex 500 Firmware | All | All | All | All |
Hardware
| Zyxel | Usg Flex 700 | - | All | All | All |
Operating System | Zyxel | Usg Flex 700 Firmware | All | All | All | All |
Hardware
| Zyxel | Zywall 110 | - | All | All | All |
Hardware
| Zyxel | Zywall 1100 | - | All | All | All |
Operating System | Zyxel | Zywall 1100 Firmware | All | All | All | All |
Operating System | Zyxel | Zywall 110 Firmware | All | All | All | All |
Hardware
| Zyxel | Zywall 310 | - | All | All | All |
Operating System | Zyxel | Zywall 310 Firmware | All | All | All | All |
Hardware
| Zyxel | Zywall Atp100 | - | All | All | All |
Hardware
| Zyxel | Zywall Atp100w | - | All | All | All |
Operating System | Zyxel | Zywall Atp100w Firmware | All | All | All | All |
Operating System | Zyxel | Zywall Atp100 Firmware | All | All | All | All |
Hardware
| Zyxel | Zywall Atp200 | - | All | All | All |
Operating System | Zyxel | Zywall Atp200 Firmware | All | All | All | All |
Hardware
| Zyxel | Zywall Atp500 | - | All | All | All |
Operating System | Zyxel | Zywall Atp500 Firmware | All | All | All | All |
Hardware
| Zyxel | Zywall Atp700 | - | All | All | All |
Operating System | Zyxel | Zywall Atp700 Firmware | All | All | All | All |
Hardware
| Zyxel | Zywall Atp800 | - | All | All | All |
Operating System | Zyxel | Zywall Atp800 Firmware | All | All | All | All |
Hardware
| Zyxel | Zywall Vpn100 | - | All | All | All |
Operating System | Zyxel | Zywall Vpn100 Firmware | All | All | All | All |
Hardware
| Zyxel | Zywall Vpn300 | - | All | All | All |
Operating System | Zyxel | Zywall Vpn300 Firmware | All | All | All | All |
Hardware
| Zyxel | Zywall Vpn50 | - | All | All | All |
Operating System | Zyxel | Zywall Vpn50 Firmware | All | All | All | All |
- cpe:2.3:h:zyxel:usg100:-:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg1000:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg1000_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg100_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg1100_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg110_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg1900_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg2000:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg2000_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg20w:-:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg20w_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg2200-vpn_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg50:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg50_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*:
- cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*:
- cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|