CVE-2021-37273

A Denial of Service issue exists in China Telecom Corporation EPON Tianyi Gateway ZXHN F450(EPON ONU) 3.0. Tianyi Gateway is a hardware terminal of "Optical Modem Smart Router." Attackers can use this vulnerability to restart the device multiple times.

CVSS v3 7.5 HIGH
CVSS v2.0 7.8 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

7.8^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://www.cnvd.org.cn/flaw/show/2958526	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:h:chinatelecom:epon_tianyi_gateway_zxhn_f450:-:*:*:*:*:*:*:*

cpe:2.3:o:chinatelecom:epon_tianyi_gateway_zxhn_f450_firmware:3.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-09-28 18:15

Updated : 2021-10-07 12:42

NVD link : CVE-2021-37273

Mitre link : CVE-2021-37273

CVE.ORG link : CVE-2021-37273

JSON object : View

Products Affected

chinatelecom

epon_tianyi_gateway_zxhn_f450
epon_tianyi_gateway_zxhn_f450_firmware

CWE

NVD-CWE-noinfo

{"id": "CVE-2021-37273", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-09-28T18:15:08.793", "references": [{"url": "https://www.cnvd.org.cn/flaw/show/2958526", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A Denial of Service issue exists in China Telecom Corporation EPON Tianyi Gateway ZXHN F450(EPON ONU) 3.0. Tianyi Gateway is a hardware terminal of \"Optical Modem Smart Router.\" Attackers can use this vulnerability to restart the device multiple times."}, {"lang": "es", "value": "Se presenta un problema de denegaci\u00f3n de servicio en China Telecom Corporation EPON Tianyi Gateway ZXHN F450(EPON ONU) versi\u00f3n 3.0. Tianyi Gateway es un terminal de hardware de \"Optical Modem Smart Router\". Unos atacantes pueden usar esta vulnerabilidad para reiniciar el dispositivo varias veces"}], "lastModified": "2021-10-07T12:42:03.690", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:chinatelecom:epon_tianyi_gateway_zxhn_f450:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AE693CA8-D527-42A7-A5F4-3300CC52E60D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:chinatelecom:epon_tianyi_gateway_zxhn_f450_firmware:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B6F27A6-5FEC-4F1B-9408-5CF40B9DFE2C"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}