Description
Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK, and PPPoE credentials. In some observed cases, configuration changes may also be performed without authentication.
Published: 2026-03-30
Score: 7.1 High
EPSS: 8.9% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Unauthenticated attackers on a local network can retrieve sensitive information from the ZTE ZXHN H188A router’s web interface, including the default administrator password, WLAN pre‑shared key, and PPPoE credentials. In some instances the attacker may also alter router settings without authentication. The weakness falls into two categories: exposure of sensitive information to an unauthorized actor (CWE-200) and missing authentication for a critical function (CWE-306).

Affected Systems

The vulnerability affects ZTE ZXHN H188A routers running firmware versions 6.0.10P2_TE and 6.0.10P3N3_TE. Users of these specific firmware releases should verify their device version and consider upgrading if possible.

Risk and Exploitability

With a CVSS score of 7.1, the issue is rated High. The EPSS score is 9%, indicating higher exploitation likelihood. The vulnerability is not listed in the CISA KEV catalog. The CVSS vector (AV:A, PR:N) places the attacker on the adjacent network with no authentication required, a position typically available to anyone connected to the same LAN. From there the attacker can gather credentials and, in some cases, reconfigure network settings, potentially compromising the security of the entire network.

Generated by OpenCVE AI on June 24, 2026 at 13:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router firmware to the latest release available from ZTE for the ZXHN H188A line.
  • Immediately change any default or weak administrator passwords and secure wireless credentials.
  • Disable remote management and any unused services exposed on the router’s management interface.
  • Apply network segmentation or VLANs to restrict local network users from accessing the router’s web interface.
  • Regularly review firmware updates on the vendor’s website or trusted security advisories.

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 13:45:00 +0000

Type Values Removed Values Added
Title Unauthenticated Credential Disclosure on ZTE ZXHN H188A Router

Wed, 24 Jun 2026 09:15:00 +0000

Type Values Removed Values Added
Title Unauthenticated Credential Disclosure on ZTE ZXHN H188A Router

Wed, 24 Jun 2026 06:00:00 +0000

Type Values Removed Values Added
Title Unauthenticated Credential Disclosure in ZTE ZXHN H188A Router

Wed, 24 Jun 2026 02:45:00 +0000

Type Values Removed Values Added
Title Unauthenticated Credential Disclosure in ZTE ZXHN H188A Router

Tue, 23 Jun 2026 23:15:00 +0000

Type Values Removed Values Added
Title Unauthenticated Credential Disclosure via Web Wizard Interface on ZTE ZXHN H188A Routers

Tue, 23 Jun 2026 19:00:00 +0000

Type Values Removed Values Added
Title Unauthenticated Credential Disclosure via Web Wizard Interface on ZTE ZXHN H188A Routers

Tue, 23 Jun 2026 16:15:00 +0000

Type Values Removed Values Added
Title Unauthenticated Local Network Credential Disclosure via ZTE ZXHN H188A Router Wizard

Thu, 18 Jun 2026 16:45:00 +0000

Type Values Removed Values Added
Title Unauthenticated Local Network Credential Disclosure via ZTE ZXHN H188A Router Wizard

Wed, 17 Jun 2026 11:45:00 +0000

Type Values Removed Values Added
Title Unauthorized Credential Disclosure and Configuration Alteration via ZTE ZXHN H188A Router

Tue, 16 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Title Unauthorized Credential Disclosure and Configuration Alteration via ZTE ZXHN H188A Router

Tue, 26 May 2026 13:45:00 +0000

Type Values Removed Values Added
References

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Title Unauthenticated Access to ZTE ZXHN H188A Router Credentials

Wed, 08 Apr 2026 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Zte zxhn H188a Firmware
CPEs cpe:2.3:h:zte:zxhn_h188a:-:*:*:*:*:*:*:*
cpe:2.3:o:zte:zxhn_h188a_firmware:6.0.10p2_te:*:*:*:*:*:*:*
cpe:2.3:o:zte:zxhn_h188a_firmware:6.0.10p3n3_te:*:*:*:*:*:*:*
Vendors & Products Zte zxhn H188a Firmware

Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Zte
Zte zxhn H188a
Vendors & Products Zte
Zte zxhn H188a

Tue, 31 Mar 2026 03:00:00 +0000

Type Values Removed Values Added
Title Unauthenticated Access to ZTE ZXHN H188A Router Credentials

Mon, 30 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
CWE-306
Metrics cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 30 Mar 2026 16:00:00 +0000

Type Values Removed Values Added
Description Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK, and PPPoE credentials. In some observed cases, configuration changes may also be performed without authentication.
References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-26T05:20:49.814Z

Reserved: 2026-03-27T00:00:00.000Z

Link: CVE-2026-34472

Vulnrichment

Updated: 2026-05-26T05:20:49.814Z

NVD

Status: Modified

Published: 2026-03-30T16:16:07.703

Modified: 2026-06-17T10:39:05.910

Link: CVE-2026-34472

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-24T13:30:06Z

Weaknesses
  • CWE-200

    Exposure of Sensitive Information to an Unauthorized Actor

  • CWE-306

    Missing Authentication for Critical Function