CVE-2021-35036 MEDIUM

CVE-2021-35036

Vendor Zyxel
Product VMG3625-T50B firmware
Weakness CWE-312 · Cleartext storage
Published March 1, 2022
Last update August 4, 2024

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.

Key dates

02Disclosure timeline

March 1, 2022 CVE published
August 4, 2024 Record updated