High severity7.5NVD Advisory· Published Aug 29, 2017· Updated May 13, 2026

CVE-2015-7255

Description

ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, GAN9.8T101A-B, MF28G, ZXHN H108N use non-unique X.509 certificates and SSH host keys, which might allow remote attackers to obtain credentials or other sensitive information via a man-in-the-middle attack, passive decryption attack, or impersonating a legitimate device.

Affected products

Zte/Gan9.8t101a B Firmware
cpe:2.3:o:zte:gan9.8t101a-b_firmware:-:*:*:*:*:*:*:*
Zte/Hg110 Firmware
cpe:2.3:o:zte:hg110_firmware:-:*:*:*:*:*:*:*
Zte/Mf28g Firmware
cpe:2.3:o:zte:mf28g_firmware:-:*:*:*:*:*:*:*
Zte/Ox 330p Firmware
cpe:2.3:o:zte:ox-330p_firmware:-:*:*:*:*:*:*:*
Zte/W300v1.0.0s Zrd Tr1 D68 Firmware
cpe:2.3:o:zte:w300v1.0.0s_zrd_tr1_d68_firmware:-:*:*:*:*:*:*:*
Zte/Zxhn H108n Firmware
cpe:2.3:o:zte:zxhn_h108n_firmware:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/566724nvdMitigationThird Party AdvisoryUS Government Resource
www.kb.cert.org/vuls/id/BLUU-A2NQYRnvdThird Party AdvisoryUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000