CVE-2015-7256

Published Sep 28, 2017
Last updated 7 years ago
CVSS medium 5.9
Overview

Description: ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys.
Source: cret@cert.org
NVD status: Analyzed
Risk scores

CVSS 3.0

Type: Primary
Base score: 5.9
Impact score: 3.6
Exploitability score: 2.2
Vector string: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N
Weaknesses

nvd@nist.gov: CWE-310
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:nwa1100-n_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D2E585A-9A92-4A4A-9496-61C3F9AD74C0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:nwa1100-n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6904F1E3-5032-4FC8-95C9-1E2267A19382"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:nwa1100-nh_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDF4B052-913F-477D-BCCC-2CE965F6FE13"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:nwa1100-nh:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F73B7235-D7A0-4931-A92E-4B1BEE2102F9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:nwa1121-ni_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CCCE350-59AB-42A1-AA17-F82289D5BCF4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:nwa1121-ni:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5156EAF7-E47F-4A8A-BB6C-047969276060"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:nwa1123-ac_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30A700E3-2BC9-4BCF-A0FC-F7EFB1DF7392"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:nwa1123-ac:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F4261C53-83AC-4440-8408-7A8DFFE10F04"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:nwa1123-ni_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "258C8E28-0C36-4B59-A047-938779FECD9A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:nwa1123-ni:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "98A7D843-1F0F-4173-A581-73B60130C7EA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:p-660hn-51_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C16165B-FD30-43B0-965E-CBC8C46B1DB7"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:p-660hn-51:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B0138796-FFDC-4976-83AB-018DD7CD7D5F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:p-663hn-51_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04DAE774-A4DE-4F56-A22B-0C2AE261BEDC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:p-663hn-51:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1F2A8EAA-E91F-48D8-82F9-0719C6F6BB2F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:vmg1312-b10a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8CC0C61-EB6A-4736-80E3-B69693D4A2B1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:vmg1312-b10a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7B6C4A31-3B83-444F-B5F8-1397B43B2211"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:vmg1312-b30a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B0F62E6-04C9-4611-8C82-80DD8D58757F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:vmg1312-b30a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AD5CB070-4FD9-4393-94BF-40E3FD0C596F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:vmg1312-b30b_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C4A52F8-F5FD-4E53-BBE6-69F673A7904B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:vmg1312-b30b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C5CF7CD5-ADE5-4F77-9F81-C0FF32A5E267"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:vmg4380-b10a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4808FDF8-4815-4C4F-AFE7-31EADE517B31"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:vmg4380-b10a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "88BA2BDF-9ACA-4F89-B7B7-FD232A6399CD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:vmg8324-b10a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF0AFA0F-D126-4D1C-89EC-878AB0F5E74C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:vmg8324-b10a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "53C32749-82A6-42AA-9EBE-11014F161D2F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:vmg8924-b10a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11BEC42C-7815-4EA3-B1E5-66E2443B5032"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:vmg8924-b10a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "96DC6BBF-15B8-496F-85FE-5373B6CEDC3C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:vmg8924-b30a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CB88CC1-9F13-4EB1-AF6D-5ED44EFB9868"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:vmg8924-b30a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "89D58204-B0DB-4C36-A619-FA5969797CF2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:vsg1435-b101_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5047833-C798-4111-8C97-CE9B70F7834D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:vsg1435-b101:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C31517DD-3D1B-4F9D-8673-145927CADFBB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:pmg5318-b20a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41AF2B1B-A5BB-4F40-9C30-6AD665AE5596"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:pmg5318-b20a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2EF6C90D-9BF3-4302-B834-BC897473E502"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:sbg3300-n000_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "852E8F04-4C28-4904-AA4A-ACE4EAD6DC31"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:sbg3300-n000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "902A735D-2D84-4183-B4B3-FA36AD9F13A5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:sbg3300-nb00_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B338AE18-ECE4-4B90-A1D5-16F2983464E7"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:sbg3300-nb00:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E4658399-1699-4426-ACFF-BDEE20BF1A54"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:sbg3500-n000_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BC4B86C-ED2F-406D-BCAA-B970BAD248D8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:sbg3500-n000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F1E3BCE8-F36A-4FFE-933B-6BADF24506AF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:gs1900-8_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "316DC84A-7B3C-4396-A0BD-EAA3B5DA0476"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:gs1900-8:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "51D33F50-B5A4-4AEF-972C-7FF089C21D52"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:gs1900-24_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91426AF7-9D95-486F-9155-B4F9636F3CEB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:gs1900-24:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F4F55299-70D5-4CE1-A1EC-D79B469B94F7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:c1000z_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC9FB893-7F6A-48AD-B3C8-FC85A6A80CEB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:c1000z:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "812C4AFE-364D-4D18-A79F-6CD98EDDC3B6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:q1000_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8090C667-2E54-462F-BD5A-DF7854252A0B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:q1000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9F2A44DC-DFB9-46A8-BD9B-B207BBFFD764"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:fr1000z_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23ADD49B-C666-4E28-813A-55DB6BEF4EB4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:fr1000z:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BA597CC9-92FE-47AC-86F9-FA5B2E032961"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:p8702n_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59D9B829-FD92-46D2-840F-A99E5FF0DC4C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:zyxel:p8702n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4C906711-7699-4A0A-BA3C-7A007EDF301E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
