CVE-2021-47741 HIGH

CVE-2021-47741: ZBL EPON ONU Broadband Router V100R001 Privilege Escalation via Configuration Endpoint

Vendor Zblchina
Product ZBL EPON ONU Broadband Router
Weakness CWE-522 · Insufficiently protected credentials
Published December 31, 2025
Last update January 2, 2026

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

ZBL EPON ONU Broadband Router V100R001 contains a privilege escalation vulnerability that allows limited administrative users to elevate access by sending requests to configuration endpoints. Attackers can exploit the vulnerability by accessing the configuration backup or password page to disclose the super user password and gain additional privileged functionalities.

Key dates

02Disclosure timeline

December 31, 2025 CVE published
January 2, 2026 Record updated