Vulnerability-Lookup

GHSA-XGHR-M3MR-M6M9

Vulnerability from github – Published: 2021-12-29 00:00 – Updated: 2022-01-08 00:00

Details

A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-35031"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-28T11:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device.",
  "id": "GHSA-xghr-m3mr-m6m9",
  "modified": "2022-01-08T00:00:46Z",
  "published": "2021-12-29T00:00:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35031"
    },
    {
      "type": "WEB",
      "url": "https://www.zyxel.com/support/Zyxel_security_advisory_for_OS_command_injection_vulnerabilities_of_switches.shtml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2021-35031 (GCVE-0-2021-35031)

Vulnerability from cvelistv5 – Published: 2021-12-28 10:36 – Updated: 2024-08-04 00:33

Summary

Severity

6.8 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Assigner

Zyxel

References

1 reference

URL	Tags
https://www.zyxel.com/support/Zyxel_security_advi…	x_refsource_CONFIRM

Impacted products

3 products

Vendor	Product	Version
Zyxel	GS1900 series firmware	Affected: 2.60
Zyxel	XGS1210 series firmware	Affected: 1.00(ABTY.4)C0
Zyxel	XGS1250 series firmware	Affected: 1.00(ABWE.0)C0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:33:49.873Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/support/Zyxel_security_advisory_for_OS_command_injection_vulnerabilities_of_switches.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "GS1900 series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "2.60"
            }
          ]
        },
        {
          "product": "XGS1210 series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "1.00(ABTY.4)C0"
            }
          ]
        },
        {
          "product": "XGS1250 series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "1.00(ABWE.0)C0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-28T16:05:43.000Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.zyxel.com/support/Zyxel_security_advisory_for_OS_command_injection_vulnerabilities_of_switches.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@zyxel.com.tw",
          "ID": "CVE-2021-35031",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "GS1900 series firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2.60"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "XGS1210 series firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.00(ABTY.4)C0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "XGS1250 series firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.00(ABWE.0)C0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Zyxel"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.zyxel.com/support/Zyxel_security_advisory_for_OS_command_injection_vulnerabilities_of_switches.shtml",
              "refsource": "CONFIRM",
              "url": "https://www.zyxel.com/support/Zyxel_security_advisory_for_OS_command_injection_vulnerabilities_of_switches.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2021-35031",
    "datePublished": "2021-12-28T10:36:23.000Z",
    "dateReserved": "2021-06-17T00:00:00.000Z",
    "dateUpdated": "2024-08-04T00:33:49.873Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-XGHR-M3MR-M6M9

CVE-2021-35031 (GCVE-0-2021-35031)

Tags

Sightings

Nomenclature