| CVE / Issue | Description | |-------------|-------------| | | Hardcoded backdoor credentials ( admin:admin , root:Zte521 ) in many models | | CVE-2021-21741 | Unauthenticated command injection in web interface ( ping_test.cgi ) | | CVE-2018-10355 | Weak password recovery (easily guessable token generation) | | CVE-2022-26477 | Telnet enabled by default with hardcoded root password | | TR-069 exploits | Remote ISP backdoor can be abused if authentication is bypassed | | Firmware encryption | Many models use weak XOR or fixed keys for firmware encryption, making reverse engineering easy |
| CVE / Issue | Description | |-------------|-------------| | | Hardcoded backdoor credentials ( admin:admin , root:Zte521 ) in many models | | CVE-2021-21741 | Unauthenticated command injection in web interface ( ping_test.cgi ) | | CVE-2018-10355 | Weak password recovery (easily guessable token generation) | | CVE-2022-26477 | Telnet enabled by default with hardcoded root password | | TR-069 exploits | Remote ISP backdoor can be abused if authentication is bypassed | | Firmware encryption | Many models use weak XOR or fixed keys for firmware encryption, making reverse engineering easy |