CVE-2015-7252

EIP tracks 1 public exploit for CVE-2015-7252. PoCs published by Karn Ganeshen.

AI-analyzed exploit summary This is a detailed writeup describing multiple vulnerabilities in ZTE ZXHN H108N R1A and ZXV10 W300 routers, including information exposure, improper authorization, path traversal, hard-coded credentials, and XSS. It provides proof-of-concept details for each vulnerability but does not include executable exploit code.

Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to inject arbitrary web script or HTML via the errorpage parameter.