42 matches found
📄 ZTE ZXHN H168N 3.5 Credential Disclosure
The ZTE ZXHN H168N V3.5 firmware exposes quick-setup wizard endpoints that return PPPoE credentials ADUsername, VDUsername and the WLAN KeyPassphrase via the GetPassword action without requiring authentication. The firmware routing allowlists these endpoints through a QuickSetupEnable branch. In...
📄 ZTE ZXHN H168N 3.6 Credential Leak / Admin Compromise
ZTE ZXHN H168N version 3.5 suffers from a password leak vulnerability that leads to full administrative compromise. Title: ZTE ZXHN H168N V3.5 - Unauthenticated Wizard Credential Leak to Full Admin Compromise Date: 2026-05-20 Author: Mina Nageh Salalma Monx Research CVE: CVE-2021-21735 Vendor: ZT...
CVE-2026-34473
Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A, H267A, H267N, H268A, H388X, H196A, H369A, H268N, H208N, H367N, H181A, and H196Q. A denial-of-service condition can be triggered against the router's web interface by sending an oversized application/x-www-form-urlencoded POST...
EUVD-2021-8907
Malicious code in bioql PyPI...
EUVD-2021-8901
Malicious code in bioql PyPI...
EUVD-2021-8902
Malicious code in bioql PyPI...
CVE-2021-21729
Some ZTE products have CSRF vulnerability. Because some pages lack CSRF random value verification, attackers could perform illegal authorization operations by constructing messages.This affects: ZXHN H168N V3.5.0EG1T5TE, V2.5.5, ZXHN H108N V2.5.5BTMT1...
CVE-2021-21730
A ZTE product is impacted by improper access control vulnerability. The attacker could exploit this vulnerability to access CLI by brute force attacks.This affects: ZXHN H168N V3.5.0TY.T6...
CVE-2021-21735
A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up t...
ZTE ZXHN H168N 3.1 - Remote Code Execution (RCE) via authentication bypass
Exploit Title: ZTE ZXHN H168N 3.1 - RCE via authentication bypass Author: l34n / tasos meletlidis Exploit Blog: https://i0.rs/blog/finding-0click-rce-on-two-zte-routers/ import http.client, requests, os, argparse, struct, zlib from io import BytesIO from os import stat from Crypto.Cipher import A...
ZTE多款产品 安全漏洞
ZTE ZXHN H168N and others are products of ZTE Corporation ZTE, China.ZTE ZXHN H168N is a router.ZTE ZXHN E500 is a wireless router.ZTE ZXHN H168A is a wireless router. A security vulnerability exists in various ZTE products, which stems from the presence of a stack-based buffer overflow...
ZTE多款产品 安全漏洞
ZTE ZXHN H168N and others are products of ZTE Corporation ZTE, China.ZTE ZXHN H168N is a router.ZTE ZXHN H168A is a wireless router.ZTE ZXHN E1600 is a Wi-Fi 6 router. A security vulnerability exists in various ZTE products, which stems from the presence of a stack-based buffer overflow...
ZTE多款产品 安全漏洞
ZTE ZXHN H168N and others are products of ZTE Corporation ZTE of China.ZTE ZXHN H168N is a router.ZTE ZXHN E500 is a wireless router.ZTE ZXHN H168A is a wireless router. A security vulnerability exists in various ZTE products, which stems from the presence of a stack-based buffer overflow...
ZTE多款产品 安全漏洞
ZTE ZXHN H168N and others are products of ZTE Corporation ZTE, China.ZTE ZXHN H168N is a router.ZTE ZXHN E500 is a wireless router.ZTE ZXHN H168A is a wireless router. A security vulnerability exists in various ZTE products, which stems from a local file inclusion vulnerability that can be...
CVE-2021-21735
A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up t...
CVE-2021-21735
A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up t...
Design/Logic Flaw
A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up t...
CVE-2021-21735
CVE-2021-21735 concerns a ZTE ZXHN H168N router with an information-leak vulnerability caused by improper permission settings. An attacker with ordinary user permissions can access sensitive user information through the wizard page without authentication, affecting all versions up to 3.5.0_EG1T4_...
CVE-2021-21735
A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up t...
ZTE ZXHN H168N 信息泄露漏洞
The ZTE ZXHN H168N is a router from China's ZTE Corporation ZTE. The ZTE ZXHN H168N 3.5.0EG1T4TE suffers from an information disclosure vulnerability that originates from improper privilege settings, which can be exploited by an attacker with normal user privileges to obtain some sensitive user...