CVE-2021-21735

MEDIUM

ZXHN H168N Firmware < 3.5.0_eg1t4_te - Unauthenticated Sensitive Information Exposure via Wizard Page

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-21735. PoCs published by minanagehsalalma.

AI-analyzed exploit summary This repository contains a functional Python script that exploits CVE-2021-21735, an information leak vulnerability in ZTE ZXHN H168N routers. The script extracts sensitive credentials (PPPoE and WLAN) from unauthenticated wizard endpoints, demonstrating the vulnerability's impact.

Description

A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up to V3.5.0_EG1T4_TE.

Exploits (1)

nomisec WORKING POC
by minanagehsalalma · poc
https://github.com/minanagehsalalma/cve-2021-21735-zte-zxhn-h168n-admin-compromise

This repository contains a functional Python script that exploits CVE-2021-21735, an information leak vulnerability in ZTE ZXHN H168N routers. The script extracts sensitive credentials (PPPoE and WLAN) from unauthenticated wizard endpoints, demonstrating the vulnerability's impact.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: ZTE ZXHN H168N V3.5
No auth needed
Prerequisites: Target host list (IPs/URLs)
devstral-2 · analyzed May 21, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 6.5
EPSS 0.0078
EPSS Percentile 50.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-281
Status published
Products (2)
None/ZXHN H168N All versions up to V3.5.0_EG1T4_TE
zte/zxhn_h168n_firmware < 3.5.0_eg1t4_te
Published Jun 10, 2021
Tracked Since Feb 18, 2026