Vulnerability Description
Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. This affects: ZTE PON MDU device ZXA10 F821 V1.7.0P3T22, ZXA10 F822 V1.4.3T6, ZXA10 F819 V1.2.1T5, ZXA10 F832 V1.1.1T7, ZXA10 F839 V1.1.0T8, ZXA10 F809 V3.2.1T1, ZXA10 F822P V1.1.1T7, ZXA10 F832 V2.00.00.01
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zte | Zxa10 F821 Firmware | 1.7.0p3t22 |
| Zte | Zxa10 F821 | - |
| Zte | Zxa10 F822 Firmware | 1.4.3t6 |
| Zte | Zxa10 F822 | - |
| Zte | Zxa10 F819 Firmware | 1.2.1t5 |
| Zte | Zxa10 F819 | - |
| Zte | Zxa10 F832 Firmware | 1.1.1t7 |
| Zte | Zxa10 F832 | - |
| Zte | Zxa10 F839 Firmware | 1.1.0t8 |
| Zte | Zxa10 F839 | - |
| Zte | Zxa10 F809 Firmware | 3.2.1t1 |
| Zte | Zxa10 F809 | - |
| Zte | Zxa10 F822P Firmware | 1.1.1t7 |
| Zte | Zxa10 F822P | - |
| Zte | Zxa10 F832V2 Firmware | 2.00.00.01 |
| Zte | Zxa10 F832V2 | - |
Related Weaknesses (CWE)
References
- https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015524Vendor Advisory
- https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015524Vendor Advisory
FAQ
What is CVE-2021-21734?
CVE-2021-21734 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. This affects: ZTE PON MDU device ZXA10 F821 V1.7.0P3T22, ZXA10 ...
How severe is CVE-2021-21734?
CVE-2021-21734 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-21734?
Check the references section above for vendor advisories and patch information. Affected products include: Zte Zxa10 F821 Firmware, Zte Zxa10 F821, Zte Zxa10 F822 Firmware, Zte Zxa10 F822, Zte Zxa10 F819 Firmware.