PT-2021-14746 · Zte · Zxhn H168N

Published

2021-06-10

·

Updated

2026-05-28

·

CVE-2021-21735

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions ZXHN H168N versions prior to V3.5.0 EG1T4 TE
Description An information leak exists due to improper permission settings. An attacker with ordinary user permissions can obtain sensitive user information, specifically PPPoE and WLAN secrets, without authentication. This occurs because endpoints under '/wizard page/' use a brittle whitelist decision, leading to route misclassification in the firmware and secret exposure through setup handlers. In some deployments, this leaked subscriber data can be used to gain administrator access and compromise wireless security. Additionally, this can be part of a browser-delivered chain where a victim is lured through a rogue access point or captive portal to exfiltrate the Wi-Fi passphrase.
Recommendations Update to a version later than V3.5.0 EG1T4 TE. As a temporary workaround, restrict access to the '/wizard page/' endpoints to minimize the risk of exploitation.

Fix

Improper Preservation of Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2021-21735

Affected Products

Zxhn H168N