Vulnerability Details CVE-2021-21734
Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. This affects: ZTE PON MDU device ZXA10 F821 V1.7.0P3T22, ZXA10 F822 V1.4.3T6, ZXA10 F819 V1.2.1T5, ZXA10 F832 V1.1.1T7, ZXA10 F839 V1.1.0T8, ZXA10 F809 V3.2.1T1, ZXA10 F822P V1.1.1T7, ZXA10 F832 V2.00.00.01
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.5%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2021-21734
-
cpe:2.3:h:zte:zxa10_f809:-
-
cpe:2.3:h:zte:zxa10_f819:-
-
cpe:2.3:h:zte:zxa10_f821:-
-
cpe:2.3:h:zte:zxa10_f822:-
-
cpe:2.3:h:zte:zxa10_f822p:-
-
cpe:2.3:h:zte:zxa10_f832:-
-
cpe:2.3:h:zte:zxa10_f832v2:-
-
cpe:2.3:h:zte:zxa10_f839:-
-
cpe:2.3:o:zte:zxa10_f809_firmware:3.2.1t1
-
cpe:2.3:o:zte:zxa10_f819_firmware:1.2.1t5
-
cpe:2.3:o:zte:zxa10_f821_firmware:1.7.0p3t22
-
cpe:2.3:o:zte:zxa10_f822_firmware:1.4.3t6
-
cpe:2.3:o:zte:zxa10_f822p_firmware:1.1.1t7
-
cpe:2.3:o:zte:zxa10_f832_firmware:1.1.1t7
-
cpe:2.3:o:zte:zxa10_f832v2_firmware:2.00.00.01
-
cpe:2.3:o:zte:zxa10_f839_firmware:1.1.0t8