CVE-2015-7256
5.9
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.2 / Impact: 3.6
Source: NVD
Description
ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys.
Affected (25)
Products: Zyxel: Nwa1100 N Firmware, Nwa1100 Nh Firmware, Nwa1121 Ni Firmware, Nwa1123 Ac Firmware, Nwa1123 Ni Firmware, P 660hn 51 Firmware, P 663hn 51 Firmware, Vmg1312 B10a Firmware, Vmg1312 B30a Firmware, Vmg1312 B30b Firmware, Vmg4380 B10a Firmware, Vmg8324 B10a Firmware, Vmg8924 B10a Firmware, Vmg8924 B30a Firmware, Vsg1435 B101 Firmware, Pmg5318 B20a Firmware, Sbg3300 N000 Firmware, Sbg3300 Nb00 Firmware, Sbg3500 N000 Firmware, Gs1900 8 Firmware, Gs1900 24 Firmware, C1000z Firmware, Q1000 Firmware, Fr1000z Firmware, P8702n Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa1100 N | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa1100 Nh | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa1121 Ni | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa1123 Ac | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Nwa1123 Ni | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel P 660hn 51 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel P 663hn 51 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Vmg1312 B10a | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Vmg1312 B30a | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Vmg1312 B30b | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Vmg4380 B10a | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Vmg8324 B10a | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Vmg8924 B10a | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Vmg8924 B30a | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Vsg1435 B101 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Pmg5318 B20a | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Sbg3300 N000 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Sbg3300 Nb00 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Sbg3500 N000 | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Gs1900 8 | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Gs1900 24 | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel C1000z | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Q1000 | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel Fr1000z | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Zyxel P8702n | All versions |
Related CWEs
References (4)
Source: cret@cert.org
Third Party AdvisoryUS Government Resource
Source: cret@cert.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.