Common Credential Vulnerability in ZXHN-F660T and ZXHN-F660A Devices by ZTE
CVE-2025-53558

8.7HIGH

Key Information:

Vendor
CVE Published:
31 July 2025

What is CVE-2025-53558?

The ZXHN-F660T and ZXHN-F660A devices manufactured by ZTE Japan K.K. are susceptible to a security flaw that arises from the use of a common login credential across all installations. This vulnerability can allow unauthorized attackers to gain access to these devices if they discover the shared credential. Such access could potentially lead to various security breaches, compromising device integrity and user data.

Affected Version(s)

ZXHN-F660A prior to V1.0.10P14N4

ZXHN-F660T prior to V1.0.10P17N4

References

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

CVSS V3.0

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.