CVE-2021-35033

HIGH

Zyxel NBG6818, NBG7815, WSQ20, WSQ50, WSQ60, WSR30 - Unauthenticated Root Access via Pre-Configured Password

Title source: llm

Description

A vulnerability in specific versions of Zyxel NBG6818, NBG7815, WSQ20, WSQ50, WSQ60, and WSR30 firmware with pre-configured password management could allow an attacker to obtain root access of the device, if the local attacker dismantles the device and uses a USB-to-UART cable to connect the device, or if the remote assistance feature had been enabled by an authenticated user.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_confirm

https://www.zyxel.com/support/Zyxel_security_advisory_for_pre-configured_password_management_vulnerability_of_home_routers_and_WiFi_systems.shtml

Exploit, Third Party Advisory x_refsource_misc

https://www.tenable.com/security/research/tra-2022-06

Scores

CVSS v3 7.8

EPSS 0.0011

EPSS Percentile 29.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-260 CWE-287

Status published

Products (6)

zyxel/nbg6818_firmware < 1.00\(absc.5\)c0

zyxel/nbg7815_firmware < 1.00\(absk.7\)c0

zyxel/wsq20_firmware < 1.00\(abof.11\)c0

zyxel/wsq50_firmware < 2.20\(abkj.7\)c0

zyxel/wsq60_firmware < 2.20\(abnd.8\)c0

zyxel/wsr30_firmware < 1.00\(abmy.12\)c0

Published Nov 23, 2021

Tracked Since Feb 18, 2026