CVE-2018-7358

MEDIUM

ZTE ZXHN H168N Firmware V2.2.0_PK1.2T5 V2.2.0_PK1.2T2 V2.2.0_PK11T7 V2.2.0_PK11T - Improper Authentication

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-7358. PoCs published by Usman Saeed.

AI-analyzed exploit summary This PoC demonstrates unauthenticated access to WLAN credentials and the ability to change the WLAN passphrase via UPnP SOAP requests on ZTE ZXHN H168N devices. It exploits CVE-2018-7358 by sending crafted XML payloads to the vulnerable endpoints.

Description

ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Usman Saeed · textwebappshardware
https://www.exploit-db.com/exploits/45972

This PoC demonstrates unauthenticated access to WLAN credentials and the ability to change the WLAN passphrase via UPnP SOAP requests on ZTE ZXHN H168N devices. It exploits CVE-2018-7358 by sending crafted XML payloads to the vulnerable endpoints.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: ZTE ZXHN H168N v2.2 (Software Version: V2.2.0_PK1.2T5)
No auth needed
Prerequisites: Network access to the vulnerable device · UPnP service exposed on port 52869
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/105963
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/45972/

Scores

CVSS v3 6.5
EPSS 0.8964
EPSS Percentile 99.8%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-287
Status published
Products (4)
zte/zxhn_h168n_firmware 2.2.0_pk1.2t2
zte/zxhn_h168n_firmware 2.2.0_pk1.2t5
zte/zxhn_h168n_firmware 2.2.0_pk11t
zte/zxhn_h168n_firmware 2.2.0_pk11t7
Published Nov 14, 2018
Tracked Since Feb 18, 2026