CVE-2026-34474
published 2026-05-06CVE-2026-34474: Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose…
PriorityP275high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
24.68%
97.6th percentile
Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling authentication bypass and network compromise. Some firmware versions may expose only partial identifiers (e.g., serial number, ESSID, MAC addresses).
Detection & IOCsextracted from sources · hover to see the quote
- →Detect HTTP GET requests to /wizard_page/wizard_overETHfail_set_lua.lua without authentication; this endpoint leaks the device serial number. ↗
- →No authentication, session token, or cookie is required to exploit this vulnerability; absence of auth headers combined with the targeted paths is a strong signal of exploitation. ↗
- ·Some firmware versions may only expose partial device identifiers rather than full credentials; not all affected builds leak the admin password and WLAN PSK. ↗
- ·Confirmed affected firmware versions are ZXHN H298A 1.1 and ZXHN H108N 2.6; detections should be scoped to these device/version combinations. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-ggh9-x7x7-xpw4: Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1
ghsa_unreviewed·2026-05-06
CVE-2026-34474 GHSA-ggh9-x7x7-xpw4: Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1
Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling authentication bypass and network compromise. Some firmware versions may expose only partial identifiers (e.g., serial number, ESSID, MAC addresses).
VulDB
ZTE ZXHN H298A 1.1 Router Web Interface information disclosure (EUVD-2026-27883)
vuldb·2026-05-06
CVE-2026-34474 [LOW] ZTE ZXHN H298A 1.1 Router Web Interface information disclosure (EUVD-2026-27883)
A vulnerability labeled as problematic has been found in ZTE ZXHN H298A 1.1. Affected by this issue is some unknown functionality of the component Router Web Interface. Executing a manipulation can lead to information disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
The identification of this vulnerability is CVE-2026-34474. The attack may be launched remotely. There is no exploit available.
No detection rules found.
No writeups or analysis indexed.
2026-05-06
Published