CWE
312
Advisory Published
Updated

CVE-2021-21734

First published: Fri May 28 2021(Updated: )

Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. This affects: ZTE PON MDU device ZXA10 F821 V1.7.0P3T22, ZXA10 F822 V1.4.3T6, ZXA10 F819 V1.2.1T5, ZXA10 F832 V1.1.1T7, ZXA10 F839 V1.1.0T8, ZXA10 F809 V3.2.1T1, ZXA10 F822P V1.1.1T7, ZXA10 F832 V2.00.00.01

Credit: psirt@zte.com.cn

Affected SoftwareAffected VersionHow to fix
Zte Zxa10 F821 Firmware=1.7.0p3t22
Zte Zxa10 F821
Zte Zxa10 F822 Firmware=1.4.3t6
Zte Zxa10 F822
Zte Zxa10 F819 Firmware=1.2.1t5
Zte Zxa10 F819
Zte Zxa10 F832 Firmware=1.1.1t7
Zte Zxa10 F832
Zte Zxa10 F839 Firmware=1.1.0t8
Zte Zxa10 F839
Zte Zxa10 F809 Firmware=3.2.1t1
Zte Zxa10 F809
Zte Zxa10 F822p Firmware=1.1.1t7
Zte Zxa10 F822p
Zte Zxa10 F832v2 Firmware=2.00.00.01
Zte Zxa10 F832v2

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the vulnerability ID for the ZTE PON MDU devices?

    The vulnerability ID for the ZTE PON MDU devices is CVE-2021-21734.

  • Which ZTE PON MDU devices are affected by this vulnerability?

    The ZTE PON MDU devices affected by this vulnerability are ZXA10 F821 V1.7.0P3T22, ZXA10 F822 V1.4.3T6, ZXA10 F819 V1.2.1T5, ZXA10 F832 V1.1.1T7, ZXA10 F839 V1.1.0T8, ZXA10 F809 V3.2.1T1.

  • What is the severity of CVE-2021-21734?

    The severity of CVE-2021-21734 is medium with a severity score of 6.5.

  • What is the impact of this vulnerability?

    This vulnerability allows users with login authority to obtain sensitive information stored in plaintext on the affected ZTE PON MDU devices.

  • Where can I find more information about CVE-2021-21734?

    You can find more information about CVE-2021-21734 on the ZTE support website: [Link](https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015524).

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203