CVE-2021-35032
published 2021-12-28CVE-2021-35032: A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zyxel | gs1900-10hp_firmware | < 2.70\(aazi.0\)-20211208 | 2.70\(aazi.0\)-20211208 |
| zyxel | gs1900-16_firmware | < 2.70\(aahj.0\)-20211208 | 2.70\(aahj.0\)-20211208 |
| zyxel | gs1900-24_firmware | < 2.70\(aahl.0\)-20211208 | 2.70\(aahl.0\)-20211208 |
| zyxel | gs1900-24e_firmware | < 2.70\(aahk.0\)-20211208 | 2.70\(aahk.0\)-20211208 |
| zyxel | gs1900-24ep_firmware | < 2.70\(abto.0\)-20211208 | 2.70\(abto.0\)-20211208 |
| zyxel | gs1900-24hp_firmware | < 2.70\(aahm.0\)-20211208 | 2.70\(aahm.0\)-20211208 |
| zyxel | gs1900-24hpv2_firmware | < 2.70\(aatp.0\)-20211208 | 2.70\(aatp.0\)-20211208 |
| zyxel | gs1900-48_firmware | < 2.70\(aahn.0\)-20211208 | 2.70\(aahn.0\)-20211208 |
| zyxel | gs1900-48hp_firmware | < 2.70\(aaho.0\)-20211208 | 2.70\(aaho.0\)-20211208 |
| zyxel | gs1900-48hpv2_firmware | < 2.70\(abtq.0\)-20211208 | 2.70\(abtq.0\)-20211208 |
| zyxel | gs1900-8_firmware | < 2.70\(aahh.0\)-20211208 | 2.70\(aahh.0\)-20211208 |
| zyxel | gs1900-8hp_firmware | < 2.70\(aahi.0\)-20211208 | 2.70\(aahi.0\)-20211208 |
| zyxel | gs1900_series_firmware | — | — |