Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
2 vulnerabilities found for usg50 by zyxel
VAR-201702-0159
Vulnerability from variot - Updated: 2025-04-20 23:42Zyxel USG50 Security Appliance and NWA3560-N Access Point allow remote attackers to cause a denial of service (CPU consumption) via a flood of ICMPv4 Port Unreachable packets. ZyXELUSG50 and others are products of ZyXEL Technology. The ZyXELUSG50 is a firewall product. ZyXELNWA3560-N is a switch product. A remote denial of service vulnerability exists in several Zyxel products. Both Zyxel USG50 Security Appliance and NWA3560-N Access Point are products of Zyxel. The former is a set of network security firewall equipment, and the latter is a wireless access point product. Security vulnerabilities exist in Zyxel USG50 Security Appliance and NWA3560-N Access Point
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0159",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "usg50",
"scope": null,
"trust": 2.2,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa3560-n",
"scope": null,
"trust": 2.2,
"vendor": "zyxel",
"version": null
},
{
"model": "usg50",
"scope": "eq",
"trust": 1.6,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa3560-n",
"scope": "eq",
"trust": 1.6,
"vendor": "zyxel",
"version": null
},
{
"model": "usg50",
"scope": "eq",
"trust": 0.3,
"vendor": "zyxel",
"version": "0"
},
{
"model": "nwa3560-n",
"scope": "eq",
"trust": 0.3,
"vendor": "zyxel",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10836"
},
{
"db": "BID",
"id": "97105"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007698"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-634"
},
{
"db": "NVD",
"id": "CVE-2016-10227"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:zyxel:nwa3560-n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa3560-n_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:zyxel:usg50",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:usg50_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007698"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "97105"
}
],
"trust": 0.3
},
"cve": "CVE-2016-10227",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-10227",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-10836",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-88982",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-10227",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-10227",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-10227",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-10836",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-634",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88982",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10836"
},
{
"db": "VULHUB",
"id": "VHN-88982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007698"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-634"
},
{
"db": "NVD",
"id": "CVE-2016-10227"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zyxel USG50 Security Appliance and NWA3560-N Access Point allow remote attackers to cause a denial of service (CPU consumption) via a flood of ICMPv4 Port Unreachable packets. ZyXELUSG50 and others are products of ZyXEL Technology. The ZyXELUSG50 is a firewall product. ZyXELNWA3560-N is a switch product. A remote denial of service vulnerability exists in several Zyxel products. Both Zyxel USG50 Security Appliance and NWA3560-N Access Point are products of Zyxel. The former is a set of network security firewall equipment, and the latter is a wireless access point product. Security vulnerabilities exist in Zyxel USG50 Security Appliance and NWA3560-N Access Point",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-10227"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007698"
},
{
"db": "CNVD",
"id": "CNVD-2017-10836"
},
{
"db": "BID",
"id": "97105"
},
{
"db": "VULHUB",
"id": "VHN-88982"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-10227",
"trust": 3.4
},
{
"db": "BID",
"id": "97105",
"trust": 2.0
},
{
"db": "CXSECURITY",
"id": "WLB-2017020177",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007698",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201702-634",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-10836",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-88982",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10836"
},
{
"db": "VULHUB",
"id": "VHN-88982"
},
{
"db": "BID",
"id": "97105"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007698"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-634"
},
{
"db": "NVD",
"id": "CVE-2016-10227"
}
]
},
"id": "VAR-201702-0159",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10836"
},
{
"db": "VULHUB",
"id": "VHN-88982"
}
],
"trust": 1.16666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10836"
}
]
},
"last_update_date": "2025-04-20T23:42:16.627000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel advisory for the BlackNurse attack",
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_blacknurse_attack.shtml"
},
{
"title": "Patches for multiple Zyxel products remote denial of service vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/95658"
},
{
"title": "Zyxel USG50 Security Appliance and NWA3560-N Access Point Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68194"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10836"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007698"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-634"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007698"
},
{
"db": "NVD",
"id": "CVE-2016-10227"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.zyxel.com/support/announcement_blacknurse_attack.shtml"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/97105"
},
{
"trust": 1.7,
"url": "https://cxsecurity.com/issue/wlb-2017020177"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10227"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-10227"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-10227#vulndescriptiontitle"
},
{
"trust": 0.3,
"url": "http://www.zyxel.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10836"
},
{
"db": "VULHUB",
"id": "VHN-88982"
},
{
"db": "BID",
"id": "97105"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007698"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-634"
},
{
"db": "NVD",
"id": "CVE-2016-10227"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-10836"
},
{
"db": "VULHUB",
"id": "VHN-88982"
},
{
"db": "BID",
"id": "97105"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007698"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-634"
},
{
"db": "NVD",
"id": "CVE-2016-10227"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-10836"
},
{
"date": "2017-02-21T00:00:00",
"db": "VULHUB",
"id": "VHN-88982"
},
{
"date": "2017-02-23T00:00:00",
"db": "BID",
"id": "97105"
},
{
"date": "2017-03-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007698"
},
{
"date": "2017-02-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-634"
},
{
"date": "2017-02-21T07:59:00.157000",
"db": "NVD",
"id": "CVE-2016-10227"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-10836"
},
{
"date": "2017-03-29T00:00:00",
"db": "VULHUB",
"id": "VHN-88982"
},
{
"date": "2017-03-29T00:02:00",
"db": "BID",
"id": "97105"
},
{
"date": "2017-03-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007698"
},
{
"date": "2017-02-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-634"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2016-10227"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-634"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zyxel USG50 Security Appliance and NWA3560-N Access Point Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007698"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-634"
}
],
"trust": 0.6
}
}
VAR-202107-0888
Vulnerability from variot - Updated: 2024-08-14 15:38An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device. plural Zyxel There is an authentication vulnerability in the firmware.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202107-0888",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "usg310",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg310",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg flex 100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg flex 200",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg flex 700",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall atp100w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall atp100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg flex 100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg flex 700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg60w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "zywall atp100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall vpn300",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg20w-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg2200-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall 110",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg60w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall atp100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg2200-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg300",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg flex 200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg110",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg40",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg40w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "zywall vpn50",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall atp200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall 1100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg1000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall vpn300",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall 110",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg110",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg1100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg1000",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg40w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg40",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall atp200",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg1100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "zywall atp700",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall atp800",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall atp800",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall vpn50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall 1100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg200",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg200",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "zywall atp700",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg60",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg1900",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg60",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg20w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "zywall atp500",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg20-vpn",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg flex 500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall atp500",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg20-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg1900",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg210",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg20w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg20",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg50",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg flex 500",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg210",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg50",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "zywall vpn100",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg flex 100w",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall vpn100",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "zywall 310",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg flex 100w",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "zywall 310",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg2000",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg20",
"scope": "gte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.35"
},
{
"model": "usg20w-vpn",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "5.01"
},
{
"model": "usg2000",
"scope": "lte",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.64"
},
{
"model": "usg210",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg1900",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg40",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg60",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg40w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg110",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg300",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg310",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg60w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg1100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
}
]
},
"cve": "CVE-2021-35029",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-35029",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-35029",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-008898",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-35029",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "security@zyxel.com.tw",
"id": "CVE-2021-35029",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-35029",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202107-147",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2021-35029",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-35029"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device. plural Zyxel There is an authentication vulnerability in the firmware.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-35029"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "VULMON",
"id": "CVE-2021-35029"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-35029",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008898",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202107-147",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-35029",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-35029"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
}
]
},
"id": "VAR-202107-0888",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38938492750000003
},
"last_update_date": "2024-08-14T15:38:00.341000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel\u00a0security\u00a0advisory\u00a0for\u00a0attacks\u00a0against\u00a0security\u00a0appliances",
"trust": 0.8,
"url": "https://www.zyxel.com/support/Zyxel_security_advisory_for_attacks_against_security_appliances.shtml"
},
{
"title": "ZyXEL ZyWALL USG Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=155962"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "Improper authentication (CWE-287) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.zyxel.com/support/zyxel_security_advisory_for_attacks_against_security_appliances.shtml"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-35029"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-35029"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-35029"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
},
{
"db": "NVD",
"id": "CVE-2021-35029"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-02T00:00:00",
"db": "VULMON",
"id": "CVE-2021-35029"
},
{
"date": "2022-03-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"date": "2021-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-147"
},
{
"date": "2021-07-02T11:15:08.930000",
"db": "NVD",
"id": "CVE-2021-35029"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-08T00:00:00",
"db": "VULMON",
"id": "CVE-2021-35029"
},
{
"date": "2022-03-31T04:46:00",
"db": "JVNDB",
"id": "JVNDB-2021-008898"
},
{
"date": "2021-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-147"
},
{
"date": "2021-07-08T18:20:48.127000",
"db": "NVD",
"id": "CVE-2021-35029"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Zyxel\u00a0 Firmware authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008898"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-147"
}
],
"trust": 0.6
}
}