Privilege Escalation Vulnerability in ZBL EPON ONU Broadband Router by ZBL
CVE-2021-47741

8.7HIGH

Key Information:

Vendor

Zblchina

Status
Zbl Epon Onu Broadband Router
Vendor
CVE Published:
31 December 2025

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2021-47741?

The ZBL EPON ONU Broadband Router V100R001 possesses a vulnerability that allows limited administrative users to escalate their privileges. This is achieved by sending specially crafted requests to the router's configuration endpoints, enabling attackers to potentially access sensitive configuration pages, such as the backup or password retrieval section. By exploiting this weakness, an attacker may uncover the superuser password, granting them elevated privileges and undermining the security of the router.

Affected Version(s)

ZBL EPON ONU Broadband Router 1.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2021-47741 - Proof of Concept

References

https://www.exploit-db.com/exploits/49737
exploit
http://www.zblchina.com
product
https://web.archive.org/web/20211220094023/http://www.wd-...
product

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

LiquidWorm as Gjoko Krstic of Zero Science Lab
JSON
.
CVE-2021-47741 : Privilege Escalation Vulnerability in ZBL EPON ONU Broadband Router by ZBL