CVE-2014-4018

ZTE ZXV10 W300 - Info Disclosure

Title source: llm

Description

The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors.

Exploits (1)

exploitdb WRITEUP

by Osanda Malith Jayathissa · textwebappshardware

https://www.exploit-db.com/exploits/33803

View Code ZIP pw:eip

References (3)

[Exploit] http://packetstormsecurity.com/files/127129/ZTE-WXV10-W300-Disclosure-CSRF-Default.html

[Exploit] http://www.exploit-db.com/exploits/33803

[Exploit] https://osandamalith.wordpress.com/2014/06/15/zte-wxv10-w300-multiple-vulnerabilities/

Scores

EPSS 0.0619

EPSS Percentile 90.7%

Classification

CWE

CWE-255

Status draft

Affected Products (2)

zte/zxv10_w300_firmware

zte/zxv10_w300

Timeline

Published Jul 16, 2014

Tracked Since Feb 18, 2026