Lucene search
K

116 matches found

Exploit DB
Exploit DB
added 2026/05/29 12:0 a.m.91 views

ZTE ZXHN H188A V6 - Authentication Bypass

Exploit Title: ZTE ZXHN H188A V6 - Authentication Bypass Date: 2026-05-20 Exploit Author: Mina Nageh Salalma Monx Research Vendor Homepage: https://www.zte.com.cn Software Link: https://github.com/minanagehsalalma/cve-2026-34472-auth-bypass-zte-h188a-router Version: ZXHN H188A V6.0.10P2TE,...

7.1CVSS5.8AI score0.08943EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/05/26 8:12 a.m.18 views

CVE-2026-34474

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling...

7.5CVSS5.8AI score0.24681EPSS
Exploits3References1
Packet Storm
Packet Storm
added 2026/05/26 12:0 a.m.76 views

📄 ZTE ZXHN H168N 3.5 Credential Disclosure

The ZTE ZXHN H168N V3.5 firmware exposes quick-setup wizard endpoints that return PPPoE credentials ADUsername, VDUsername and the WLAN KeyPassphrase via the GetPassword action without requiring authentication. The firmware routing allowlists these endpoints through a QuickSetupEnable branch. In...

6.5CVSS6.6AI score0.00921EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/05/26 12:0 a.m.61 views

📄 ZTE ZXHN H188A V6 Authentication Bypass

Unauthenticated requests to the root path of ZTE ZXHN H188A V6 firmware can reach pre-login wizard handlers and disclose WLAN PSKs, SSIDs, and PPPoE usernames. The leaked Wi-Fi password is also the default administrator password after uppercasing, resulting in full authentication bypass. -----BEG...

7.1CVSS5.8AI score0.08943EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/05/26 12:0 a.m.95 views

📄 ZTE ZXHN Router Denial of Service

The CGILua post.lua parser used in ZTE ZXHN routers does not enforce an upper bound on the body size of application/x-www-form-urlencoded POST requests. An unauthenticated attacker can crash or freeze the router's web management service by sending a single HTTP POST request with an oversized body...

7.5CVSS5.9AI score0.02376EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/05/20 12:0 a.m.80 views

📄 ZTE ZXHN H168N 3.6 Credential Leak / Admin Compromise

ZTE ZXHN H168N version 3.5 suffers from a password leak vulnerability that leads to full administrative compromise. Title: ZTE ZXHN H168N V3.5 - Unauthenticated Wizard Credential Leak to Full Admin Compromise Date: 2026-05-20 Author: Mina Nageh Salalma Monx Research CVE: CVE-2021-21735 Vendor: ZT...

6.5CVSS6.6AI score0.00921EPSS
Exploits2
NVD
NVD
added 2026/05/06 7:16 p.m.9 views

CVE-2026-34474

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling...

7.5CVSS0.24681EPSS
Exploits3References3
Vulnrichment
Vulnrichment
added 2026/05/06 12:0 a.m.9 views

CVE-2026-34474

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling...

5.8AI score0.24681EPSS
Exploits3References2
ATTACKERKB
ATTACKERKB
added 2026/05/06 12:0 a.m.7 views

CVE-2026-34474

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling...

5.8AI score0.24681EPSS
Exploits3References3
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.9 views

ZTE ZXHN H108N和ZTE ZXHN H298A 信息泄露漏洞

ZTE ZXHN H108N and ZTE ZXHN H298A are both products of China’s ZTE Corporation. ZTE ZXHN H108N is a modem. ZTE ZXHN H298A is a home gateway routing device. Both the ZTE ZXHN H298A version 1.1 and H108N version 2.6 have information leakage vulnerabilities. These vulnerabilities stem from specially...

7.5CVSS5.8AI score0.24681EPSS
Exploits3References2
EUVD
EUVD
added 2026/03/30 6:31 p.m.6 views

EUVD-2026-17107

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

7.1CVSS5.9AI score0.08943EPSS
Exploits3References3
Cvelist
Cvelist
added 2026/03/30 12:0 a.m.21 views

CVE-2026-34472

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

0.08943EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.5 views

PT-2026-29045

Name of the Vulnerable Software and Affected Versions ZTE ZXHN H188A versions V6.0.10P2 TE through V6.0.10P3N3 TE Description An issue exists that allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface. These credentials...

7.1CVSS5.8AI score0.08943EPSS
Exploits3References8
CVE
CVE
added 2026/03/30 12:0 a.m.63 views

CVE-2026-34472

CVE-2026-34472 affects ZTE ZXHN H188A routers with firmware versions V6.0.10P2_TE and V6.0.10P3N3_TE. An unauthenticated attacker on the local network can access the router’s web management wizard interface to disclose sensitive credentials (default administrator password, WLAN PSK, PPPoE credent...

7.1CVSS5.9AI score0.08943EPSS
Exploits3References3Affected Software1
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.10 views

ZTE ZXHN H188A 安全漏洞

The ZTE ZXHN H188A is a home gateway router device produced by ZTE Corporation. Both the ZTE ZXHN H188A V6.0.10P2TE version and the V6.0.10P3N3TE version contain security vulnerabilities. These vulnerabilities stem from unvalidated wizard interfaces, which may allow local network attackers to...

7.1CVSS5.8AI score0.08943EPSS
Exploits3References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-19093

Malware in sbrugna...

6.5CVSS6.6AI score0.00824EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-13056

Malware in sbrugna...

9CVSS8.2AI score0.01859EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-19094

Malware in sbrugna...

9CVSS8.3AI score0.01197EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-7180

Malware in sbrugna...

6.8CVSS7.2AI score0.05534EPSS
Exploits4References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-19095

Malware in sbrugna...

8.8CVSS6.7AI score0.00878EPSS
Exploits0References2
Rows per page
Query Builder