Exploitation Summary
EIP tracks 2 public exploits for CVE-2026-34474. PoCs published by Mina Nageh Salalma, minanagehsalalma.
AI-analyzed exploit summary This exploit demonstrates an unauthenticated information disclosure vulnerability in ZTE H298A and H108N routers. It sends HTTP GET requests to specific endpoints to retrieve plaintext administrator credentials, Wi-Fi PSK, ESSID, and serial number without requiring authentication.
Description
Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling authentication bypass and network compromise. Some firmware versions may expose only partial identifiers (e.g., serial number, ESSID, MAC addresses).
Exploits (2)
This exploit demonstrates an unauthenticated information disclosure vulnerability in ZTE H298A and H108N routers. It sends HTTP GET requests to specific endpoints to retrieve plaintext administrator credentials, Wi-Fi PSK, ESSID, and serial number without requiring authentication.
This repository contains functional exploit code for CVE-2026-34474, which exposes sensitive data (admin password, ESSID, Wi-Fi password, and serial number) from ZTE H298A and H108N devices via unauthenticated HTTP requests. The PoC scripts demonstrate the vulnerability by querying specific endpoints and extracting the exposed fields.
References (3)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N