Common Credential Vulnerability in ZXHN-F660T and ZXHN-F660A Devices by ZTE
CVE-2025-53558

8.7HIGH

Key Information:

Vendor: Zte Japan. K.k.
Status: Zxhn-f660t; Zxhn-f660a
Vendor: CVE Published:; 31 July 2025

🔔 Create Zte Japan. K.k. Vulnerability Alert

What is CVE-2025-53558?

The ZXHN-F660T and ZXHN-F660A devices manufactured by ZTE Japan K.K. are susceptible to a security flaw that arises from the use of a common login credential across all installations. This vulnerability can allow unauthorized attackers to gain access to these devices if they discover the shared credential. Such access could potentially lead to various security breaches, compromising device integrity and user data.

Affected Version(s)

ZXHN-F660A prior to V1.0.10P14N4

ZXHN-F660T prior to V1.0.10P17N4

References

https://jvn.jp/en/jp/JVN66546573/

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

CVSS V3.0

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 31, 2025
Vulnerability Reserved
Jul 24, 2025