CVE-2026-34474

Published: May 6, 2026

Modified: May 26, 2026

PUBLISHED

Description

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling authentication bypass and network compromise. Some firmware versions may expose only partial identifiers (e.g., serial number, ESSID, MAC addresses).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.zte.com.cn/global/

https://gist.github.com/minanagehsalalma/7a8516b9b00d0008f2f25750320560c9

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-34474

Description

Affected Products

References