CVE-2021-35031
MEDIUM
Zyxel GS1900 Series Firmware < 2.70 - Authenticated OS Command Injection via TFTP Client
Title source: llm
Description
A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device.
References (1)
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.zyxel.com/support/Zyxel_security_advisory_for_OS_command_injection_vulnerabilities_of_switches.shtml
Scores
CVSS v3
6.8
EPSS
0.0008
EPSS Percentile
24.5%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (14)
zyxel/gs1900-10hp_firmware
< 2.70(aazi.0)-20211208
zyxel/gs1900-16_firmware
< 2.70(aahj.0)-20211208
zyxel/gs1900-24_firmware
< 2.70(aahl.0)-20211208
zyxel/gs1900-24e_firmware
< 2.70(aahk.0)-20211208
zyxel/gs1900-24ep_firmware
< 2.70(abto.0)-20211208
zyxel/gs1900-24hp_firmware
< 2.70(aahm.0)-20211208
zyxel/gs1900-24hpv2_firmware
< 2.70(aatp.0)-20211208
zyxel/gs1900-48_firmware
< 2.70(aahn.0)-20211208
zyxel/gs1900-48hp_firmware
< 2.70(aaho.0)-20211208
zyxel/gs1900-48hpv2_firmware
< 2.70(abtq.0)-20211208
... and 4 more
Published
Dec 28, 2021
Tracked Since
Feb 18, 2026