CVE-2021-35036

Name of the Vulnerable Software and Affected Versions Zyxel VMG3625-T50B version V5.50(ABTL.0)b2k Zyxel NWA-1100-NH (affected versions not specified)

Description A vulnerability exists that could allow an attacker to obtain sensitive information or execute arbitrary OS commands on the device. The issue is related to cleartext storage of information in the configuration file and a command injection vulnerability in the web interface.

Recommendations For Zyxel VMG3625-T50B version V5.50(ABTL.0)b2k, consider updating the firmware to a version that addresses the cleartext storage issue. For Zyxel NWA-1100-NH, as a temporary workaround, consider restricting access to the web interface to minimize the risk of command injection attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.