← back
CVE-2021-47741

ZBL EPON ONU Broadband Router V100R001 Privilege Escalation via Configuration Endpoint

CVSS 8.7 HIGHEPSS 0.2%CWE-522
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.7EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
31 Dec 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
ZBL EPON ONU Broadband Router V100R001 contains a privilege escalation vulnerability that allows limited administrative users to elevate access by sending requests to configuration endpoints. Attackers can exploit the vulnerability by accessing the configuration backup or password page to disclose the super user password and gain additional privileged functionalities.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Zblchina · ZBL EPON ONU Broadband Router

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://web.archive.org/web/20211220094023/http://www.wd-thailand.com/https://www.exploit-db.com/exploits/49737https://www.vulncheck.com/advisories/zbl-epon-onu-broadband-router-vr-privilege-escalation-via-configuration-endpointhttps://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5647.phphttp://www.zblchina.com