CVE-2021-21734
Last modified
CVE-2021-21734 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. This affects: ZTE PON MDU device ZXA10 F821 V1.7.0P3T22, ZXA10 F822 V1.4.3T6, ZXA10 F819 V1.2.1T5, ZXA10 F832 V1.1.1T7, ZXA10 F839 V1.1.0T8, ZXA10 F809 V3.2.1T1, ZXA10 F822P V1.1.1T7, ZXA10 F832 V2.00.00.01. EPSS estimates a 0.51% chance of exploitation in the next 30 days.
Description
Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. This affects: ZTE PON MDU device ZXA10 F821 V1.7.0P3T22, ZXA10 F822 V1.4.3T6, ZXA10 F819 V1.2.1T5, ZXA10 F832 V1.1.1T7, ZXA10 F839 V1.1.0T8, ZXA10 F809 V3.2.1T1, ZXA10 F822P V1.1.1T7, ZXA10 F832 V2.00.00.01
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Zte | Zxa10 F821 Firmware | 1.7.0p3t22 |
| Zte | Zxa10 F822 Firmware | 1.4.3t6 |
| Zte | Zxa10 F819 Firmware | 1.2.1t5 |
| Zte | Zxa10 F832 Firmware | 1.1.1t7 |
| Zte | Zxa10 F839 Firmware | 1.1.0t8 |
| Zte | Zxa10 F809 Firmware | 3.2.1t1 |
| Zte | Zxa10 F822p Firmware | 1.1.1t7 |
| Zte | Zxa10 F832v2 Firmware | 2.00.00.01 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-21734?
How severe is CVE-2021-21734?
How do I fix CVE-2021-21734?
Are you affected by CVE-2021-21734?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST