CVE-2026-34472
Published: 30 March 2026
Summary
CVE-2026-34472 is a high-severity Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability in ZTE ZXHN H188A firmware. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 35.3rd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly counters the missing authentication for critical functions by requiring identification, limitation, authorization, and monitoring of permitted unauthenticated actions in the wizard interface.
Mandates unique identification and authentication for non-organizational users like local network attackers accessing the router's web management interface.
Enforces approved authorizations for logical access to the web management wizard, preventing unauthenticated disclosure of credentials and configuration changes.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The unauthenticated vulnerability in the router's web wizard interface directly enables exploitation of a public-facing application (T1190) to obtain unsecured credentials (T1552).
NVD Description
Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK, and PPPoE credentials. In some observed cases, configuration changes may also be performed without authentication.
Deeper analysis
CVE-2026-34472, published on 2026-03-30, is an unauthenticated credential disclosure vulnerability in the wizard interface of ZTE ZXHN H188A routers running firmware versions V6.0.10P2_TE and V6.0.10P3N3_TE. It enables attackers to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK, and PPPoE credentials. The issue is associated with CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor) and CWE-306 (Missing Authentication for Critical Function), and carries a CVSS v3.1 base score of 7.1 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N), indicating high confidentiality impact with low integrity impact and no availability impact.
Unauthenticated attackers on the local network can exploit this vulnerability with low attack complexity and no user interaction required. Exploitation allows retrieval of critical credentials, potentially granting full administrative access to the router. In some observed cases, attackers may also perform configuration changes without authentication, enabling further network compromise such as altering Wi-Fi settings or internet connection parameters.
Advisories and additional details are available via references including a GitHub Gist at https://gist.github.com/minanagehsalalma/7a8516b9b00d0008f2f25750320560c9 and the ZTE official website at https://www.zte.com.cn/global/.
Details
- CWE(s)