Share
## https://sploitus.com/exploit?id=PACKETSTORM:221997
-----BEGIN SECURITY ADVISORY-----
Advisory ID: MONX-2026-003
CVE ID: CVE-2026-34474
Title: ZTE ZXHN H298A / H108N - Unauthenticated Admin Password &
WLAN Credential Exposure
Affected: ZTE ZXHN H298A 1.1, ZTE ZXHN H108N 2.6 (EOL; no patch
planned)
Date: 2026-05-20
Author: Mina Nageh Salalma (Monx Research)
Contact: minanageh379@gmail.com
Public URL:
https://github.com/minanagehsalalma/cve-2026-34474-zte-h298a-h108n-sensitive-data-exposure
MITRE: https://www.cve.org/CVERecord?id=CVE-2026-34474
VULNERABILITY DESCRIPTION
--------------------------
A single unauthenticated HTTP GET to /getpage.lua?pid=1000ÐCheat=1 on ZTE
H298A or H108N routers returns the live administrator password
(OBJ_USERINFO_IDPassword1), WLAN PSK (WLANPSK_KeyPassphrase1), and SSID in
plaintext HTML. A second endpoint exposes the device serial number.
Note: ZTE declined vendor-side assignment citing product EOL. MITRE assigned
CVE-2026-34474 directly and published the record 2026-05-06. These devices
remain deployed by some ISPs.
CREDITS
-------
Mina Nageh Salalma (Monx Research)
https://github.com/minanagehsalalma
-----END SECURITY ADVISORY-----