Headline
CVE-2021-35036: Zyxel security advisory for cleartext storage of information vulnerability
A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.
CVE: CVE-2021-35036
Summary
Zyxel is releasing patches addressing a cleartext storage of information vulnerability in its products. Users are advised to install the patches for optimal protection.
What is the vulnerability?
The cleartext storage of information vulnerability is due to a CGI program lacking proper protection of the device’s login privilege and TR-069 configuration. The vulnerability cannot be exploited unless the attacker can first be successfully authenticated and log in to the device’s management interface. The TR-069 protocol is not enabled by default in the generic version of the firmware; therefore, it cannot be exploited by attackers.
What versions are vulnerable—and what should you do?
After a thorough investigation, we have identified the vulnerable products that are within their vulnerability support period, with their firmware patches shown in the table below.
Product
Affected model
Patch availability*
DSL/Ethernet CPE
VMG3625-T50B
- Customized firmware version V5.50(ABTL.0)b2r
- EMEA: V5.50(ABPM.7)C0
- Central America: V5.50(ACCR.0)b4
VMG3927-T50K
V5.50(ABOM.8)C0
VMG8623-T50B
V5.50(ABPM.7)C0
VMG8825-T50K
V5.50(ABOM.8)C0
EMG3525-T50B
V5.50(ABPM.7)C0
EMG5523-T50B
V5.50(ABPM.7)C0
EMG5723-T50K
V5.50(ABOM.8)C0
DX3301-T0
V5.50(ABVY.3)C0
DX5401-B0
V5.17(ABYO.2)C0
EX5401-B0
V5.17(ABYO.2)C0
EX5501-B0
V5.17(ABRY.3)C0
Fiber ONT
AX7501-B Series
V5.17(ABPC.2)C0
EP240P
V5.40(ABVH.0)C0a03
PMG5617GA
V5.40(ABNA.2)C0
PMG5622GA
V5.40(ABNB.2)C0
PMG5317-T20B
V5.40(ABKI.4)C0
PMG5617-T20B2
V5.41(ACBB.1)C0
PM7300-T0
V5.42(ACBC.1)C0
5G NR/4G LTE CPE
LTE3301-PLUS
V1.00(ABQU.6)C0 in Dec. 2022
LTE5388-M804
V1.00(ABSQ.4)C0 in Dec. 2022
LTE5388-S905
V1.00(ABVI.6)C0 in Dec. 2022
LTE5398-M904
V1.00(ABQV.2)C0 in Dec. 2022
LTE7240-M403
V2.00(ABMG.6)C0 in Dec. 2022
LTE7461-M602
V2.00(ABQN.6)C0 in Dec. 2022
LTE7480-S905
V2.00(ABQT.6)C0 in Dec. 2022
LTE7480-M804
V1.00(ABRA.6)C0 in Dec. 2022
LTE7485-S905
V1.00(ABVN.6)C0 in Dec. 2022
LTE7490-M804
V1.00(ABQY.5)C0 in Dec. 2022
NR5101
V1.00(ABVC.6)C0 in Dec. 2022
NR7101
V1.00(ABUV.7)C0 in Dec. 2022
NR7102
V1.00(ABYD.2)C0 in Dec. 2022
*Please contact your sales representative or support team for the file.
For ISPs, please contact your Zyxel sales or service representatives for further details.
For end-users who received your Zyxel device from an ISP, we recommend you reach out to the ISP’s support team directly, as the device may have custom-built settings.
For end-users who purchased the Zyxel devices on your own, please contact your local Zyxel support team for the new firmware file to ensure optimal protection, or visit our forum for further assistance.
Got a question?
Please contact your local service rep or visit Zyxel’s Community for further information or assistance.
Acknowledgment
Thanks to M.nageh for reporting the issue to us.
Revision history
2022-09-27: Initial release