Primary

Context

ZTE ZXHN-F660T and F660A Common Credential Vulnerability Allowing Unauthorized Access

Vulnerability

Patched

A vulnerability exists in the ZTE ZXHN-F660T and ZXHN-F660A Optical Network Units (ONUs) provided by ZTE Japan K.K. These devices use a common credential for all installations, allowing an attacker with knowledge of the credential to log in to the affected devices. This vulnerability affects ZXHN-F660T firmware versions prior to V1.0.10P17N4 and ZXHN-F660A firmware versions prior to V1.0.10P14N4.

Impact

Exploitation of this vulnerability allows for unauthorized access to the affected devices.

Remediation

Users are advised to update the firmware to the latest version available from the developer. The fixed firmware invalidates the common credential.

Added: Jul 31, 2025, 6:22 AM

Updated: Jul 31, 2025, 6:22 AM

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

7.5

exploitability

4.9

remediation

7.7

relevance

0.3

threat

0.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

7.5

exploitability

4.9

remediation

7.7

relevance

0.3

threat

0.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ZTE ZXHN-F660T and F660A Common Credential Vulnerability Allowing Unauthorized Access

Vulnerability

Impact

Remediation

Affected Products

ZTE ZXHN-F660A

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating