CVE-2015-7255

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2015-7255
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2017-08-29 15:29:00 UTC
Updated2017-09-12 15:56:00 UTC
DescriptionZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, GAN9.8T101A-B, MF28G, ZXHN H108N use non-unique X.509 certificates and SSH host keys, which might allow remote attackers to obtain credentials or other sensitive information via a man-in-the-middle attack, passive decryption attack, or impersonating a legitimate device.

Risk And Classification

Problem Types: CWE-200

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Hardware Zte Gan9.8t101a-b - All All All
Hardware Zte Gan9.8t101a-b - All All All
Operating System Zte Gan9.8t101a-b Firmware - All All All
Operating System Zte Gan9.8t101a-b Firmware - All All All
Hardware Zte Hg110 - All All All
Hardware Zte Hg110 - All All All
Operating System Zte Hg110 Firmware - All All All
Operating System Zte Hg110 Firmware - All All All
Hardware Zte Mf28g - All All All
Hardware Zte Mf28g - All All All
Operating System Zte Mf28g Firmware - All All All
Operating System Zte Mf28g Firmware - All All All
Hardware Zte Ox-330p - All All All
Hardware Zte Ox-330p - All All All
Operating System Zte Ox-330p Firmware - All All All
Operating System Zte Ox-330p Firmware - All All All
Hardware Zte W300v1.0.0s Zrd Tr1 D68 - All All All
Hardware Zte W300v1.0.0s Zrd Tr1 D68 - All All All
Operating System Zte W300v1.0.0s Zrd Tr1 D68 Firmware - All All All
Operating System Zte W300v1.0.0s Zrd Tr1 D68 Firmware - All All All
Hardware Zte Zxhn H108n - All All All
Hardware Zte Zxhn H108n - All All All
Operating System Zte Zxhn H108n Firmware - All All All
Operating System Zte Zxhn H108n Firmware - All All All

References

ReferenceSourceLinkTags
Search · zte · GitHub MISC github.com Third Party Advisory
VU#566724 - Embedded devices use non-unique X.509 certificates and SSH host keys CERT-VN www.kb.cert.org Mitigation, Third Party Advisory, US Government Resource
ZTE Corporation Information for VU#566724 MISC www.kb.cert.org Third Party Advisory, US Government Resource
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report