Hardcoded Credentials in ZTE ZXHN H108N Devices Exposing Administrative Access
CVE-2015-7251

9.8CRITICAL

Key Information:

Vendor

Zte

Status
Zxhn H108n R1a Firmware
Vendor
CVE Published:
30 December 2015

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸฃ EPSS 38%

What is CVE-2015-7251?

Certain ZTE ZXHN H108N R1A devices contain a hardcoded password for the root account, which poses a significant security risk. This vulnerability allows remote attackers to gain administrative access through TELNET sessions, exploiting weak security practices. Users of these devices are encouraged to update to the latest firmware version to mitigate potential threats and secure their networks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/77421
vdb-entryx_refsource_BID
https://www.kb.cert.org/vuls/id/BLUU-9ZDJWA
x_refsource_CONFIRM
https://www.kb.cert.org/vuls/id/391604
third-party-advisoryx_refsource_CERT-VN

EPSS Score

38% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.