Auto-merge PR#3014

2025-07-29 05:56:59 +00:00 · 2021-09-29 06:40:11 -04:00 · 2021-09-29 06:40:11 -04:00 · cd5b1d6125
commit cd5b1d6125
parent 7f69669b94 dd94ca34a3
1 changed files with 1 additions and 18 deletions
--- a/2021/35xxx/CVE-2021-35028.json
+++ b/2021/35xxx/CVE-2021-35028.json
@ -1,18 +1 @@
-{
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
-    "CVE_data_meta": {
-        "ID": "CVE-2021-35028",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
-    },
-    "description": {
-        "description_data": [
-            {
-                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
-            }
-        ]
-    }
-}
+{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ASSIGNER":"PSIRT@zyxel.com.tw","ID":"CVE-2021-35028"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Zyxel","product":{"product_data":[{"product_name":"ZyWALL VPN2S Firmware","version":{"version_data":[{"version_value":"1.12(ABLN.0)C0"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}]},"references":{"reference_data":[{"url":"https://www.zyxel.com/support/Zyxel_security_advisory_for_directory_traversal_and_command_injection_vulnerabilities_of_VPN2S_Firewall.shtml"}]},"impact":{"cvss":{"baseScore":"7.3","vectorString":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H","version":"3.1"}},"description":{"description_data":[{"lang":"eng","value":"A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands."}]}}