Vulnerability Details CVE-2015-7255
ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, GAN9.8T101A-B, MF28G, ZXHN H108N use non-unique X.509 certificates and SSH host keys, which might allow remote attackers to obtain credentials or other sensitive information via a man-in-the-middle attack, passive decryption attack, or impersonating a legitimate device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.kb.cert.org/vuls/id/566724
- https://github.com/sec-consult/houseofkeys/search?p=3&q=zte&type=&utf8=%E2%9C%93
- https://www.kb.cert.org/vuls/id/BLUU-A2NQYR
- http://www.kb.cert.org/vuls/id/566724
- https://github.com/sec-consult/houseofkeys/search?p=3&q=zte&type=&utf8=%E2%9C%93
- https://www.kb.cert.org/vuls/id/BLUU-A2NQYR
Products affected by CVE-2015-7255
-
cpe:2.3:h:zte:gan9.8t101a-b:-
-
cpe:2.3:h:zte:hg110:-
-
cpe:2.3:h:zte:mf28g:-
-
cpe:2.3:h:zte:ox-330p:-
-
cpe:2.3:h:zte:w300v1.0.0s_zrd_tr1_d68:-
-
cpe:2.3:h:zte:zxhn_h108n:-
-
cpe:2.3:o:zte:gan9.8t101a-b_firmware:-
-
cpe:2.3:o:zte:hg110_firmware:-
-
cpe:2.3:o:zte:mf28g_firmware:-
-
cpe:2.3:o:zte:ox-330p_firmware:-
-
cpe:2.3:o:zte:w300v1.0.0s_zrd_tr1_d68_firmware:-
-
cpe:2.3:o:zte:zxhn_h108n_firmware:-