ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session.
Loading...
Loading...
Score 9.8 from GitHub Security Advisory (severity: CRITICAL) published 2022-05-17. NVD baseline CVSS 9.8; sources differ by 0.0.
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session.
December 30, 2015
May 6, 2026
Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.
Working exploit code is in the public domain (1 Exploit-DB entry). Defenders should treat patch urgency accordingly — public PoCs typically lead to mass-exploitation within 24-72 hours.
ZTE ZXHN H108N R1A / ZXV10 W300 Routers - Multiple Vulnerabilities
Open source ↗See which npm, PyPI, Go, and Maven packages are affected by CVE-2015-7251
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.