CVE-2021-47741

HIGH

ZBL EPON ONU Broadband Router V100R001 - Privilege Escalation

Title source: llm

Description

ZBL EPON ONU Broadband Router V100R001 contains a privilege escalation vulnerability that allows limited administrative users to elevate access by sending requests to configuration endpoints. Attackers can exploit the vulnerability by accessing the configuration backup or password page to disclose the super user password and gain additional privileged functionalities.

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textwebappshardware

https://www.exploit-db.com/exploits/49737

View Code ZIP pw:eip

References (5)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/49737

[Various Sources] http://www.zblchina.com

[Various Sources] https://web.archive.org/web/20211220094023/http://www.wd-thailand.com/

[Third Party Advisory] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5647.php

[Third Party Advisory] https://www.vulncheck.com/advisories/zbl-epon-onu-broadband-router-vr-privilege-escalation-via-configuration-endpoint

Scores

CVSS v3 7.5

EPSS 0.0005

EPSS Percentile 15.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-522

Status published

Products (1)

Zblchina/ZBL EPON ONU Broadband Router 1.0

Published Dec 31, 2025

Tracked Since Feb 18, 2026