1. Home
  2. CVE Database
  3. CVE-2015-7255
HIGH · 7.5

CVE-2015-7255

ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, GAN9.8T101A-B, MF28G, ZXHN H108N use non-unique X.509 certificates and SSH host keys, which might allow remote attackers to obtain credentials ...

Vulnerability Description

ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, GAN9.8T101A-B, MF28G, ZXHN H108N use non-unique X.509 certificates and SSH host keys, which might allow remote attackers to obtain credentials or other sensitive information via a man-in-the-middle attack, passive decryption attack, or impersonating a legitimate device.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
ZteOx-330P Firmware-
ZteOx-330P-
ZteZxhn H108N Firmware-
ZteZxhn H108N-
ZteW300V1.0.0S Zrd Tr1 D68 Firmware-
ZteW300V1.0.0S Zrd Tr1 D68-
ZteHg110 Firmware-
ZteHg110-
ZteGan9.8T101A-B Firmware-
ZteGan9.8T101A-B-
ZteMf28G Firmware-
ZteMf28G-

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2015-7255?

CVE-2015-7255 is a vulnerability with a CVSS score of 7.5 (HIGH). ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, GAN9.8T101A-B, MF28G, ZXHN H108N use non-unique X.509 certificates and SSH host keys, which might allow remote attackers to obtain credentials ...

How severe is CVE-2015-7255?

CVE-2015-7255 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-7255?

Check the references section above for vendor advisories and patch information. Affected products include: Zte Ox-330P Firmware, Zte Ox-330P, Zte Zxhn H108N Firmware, Zte Zxhn H108N, Zte W300V1.0.0S Zrd Tr1 D68 Firmware.