Zhone Router is prone to a privilege escalation vulnerability. An attacker who successfully exploits this vulnerability can patch the router settings via the /uploadsettings.cgi page. With this functionality, the malicious attacker is able to patch the admin and support password, hence gaining full administrative access to the Zhone router.
