EIP-2026-102141

PRE-CVE

ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102141. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary The document describes a session vulnerability in ZTE ZXV10 W300 v3.1.0c_DR0 that allows remote attackers to delete LAN configurations via a GET request to /Forms/home_lan_1, requiring a hard reset. It includes technical details, PoC logs, and exploitation steps.

Description

ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete

Exploits (1)

exploitdb WRITEUP

by Vulnerability-Lab · textwebappshardware

https://www.exploit-db.com/exploits/37323

View Code ZIP pw:eip

The document describes a session vulnerability in ZTE ZXV10 W300 v3.1.0c_DR0 that allows remote attackers to delete LAN configurations via a GET request to /Forms/home_lan_1, requiring a hard reset. It includes technical details, PoC logs, and exploitation steps.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: ZTE ZXV10 W300 v3.1.0c_DR0

Auth required

Prerequisites: Valid session · Access to the router's web interface

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026