CVE-2015-7248

Published: Dec 30, 2015Modified: May 6, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote attackers to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability than CVE-2015-8703.

Affected (1)

Products: Zte: Zxhn H108n R1a Firmware

Zte

1 product

Zxhn H108n R1a Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zte Zxhn H108n R1a Firmware	Up to zte.bhs.zxhnh108nr1a.h_pe

Running on/with	Platform Versions
Zte Zxhn H108n R1a	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

http://www.securityfocus.com/bid/77421

Source: cret@cert.org

https://www.exploit-db.com/exploits/38773/

Source: cret@cert.org

https://www.kb.cert.org/vuls/id/391604

Source: cret@cert.org

Third Party AdvisoryUS Government Resource

https://www.kb.cert.org/vuls/id/BLUU-9ZDJWA

Source: cret@cert.org

Third Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/77421

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/38773/

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.kb.cert.org/vuls/id/391604

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

https://www.kb.cert.org/vuls/id/BLUU-9ZDJWA

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.