Description

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling authentication bypass and network compromise. Some firmware versions may expose only partial identifiers (e.g., serial number, ESSID, MAC addresses).

INFO

Published Date :

2026-05-06T00:00:00.000Z

Last Modified :

2026-05-07T12:14:19.747Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2026-34474 vulnerability.

Vendors Products
Zte
  • Zxhn H108n
  • Zxhn H298a
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-34474.

URL Resource
https://gist.github.com/minanagehsalalma/7a8516b9b00d0008f2f25750320560c9 cve-icon cve-icon
https://www.zte.com.cn/global/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact