Vulnerability CVE-2015-7256


Published: 2017-09-27   Modified: 2017-09-28

Description:
ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys.

Vendor: Zyxel
Product: Gs1900-24 firmware 
Product: Vmg4380-b10a firmware 
Product: Vmg1312-b30b firmware 
Product: Vmg1312-b10a firmware 
Product: P-660hn-51 firmware 
Product: Vmg1312-b30a firmware 
Product: P-663hn-51 firmware 
Product: Q1000 firmware 
Product: Sbg3300-n000 firmware 
Product: Nwa1100-n firmware 
Product: C1000z firmware 
Product: Fr1000z firmware 
Product: Vmg8324-b10a firmware 
Product: Vsg1435-b101 firmware 
Product: Gs1900-8 firmware 
Product: Vmg8924-b30a firmware 
Product: Nwa1123-ni firmware 
Product: Vmg8924-b10a firmware 
Product: Sbg3300-nb00 firmware 
Product: P8702n firmware 
Product: Nwa1121-ni firmware 
Product: Sbg3500-n000 firmware 
Product: Nwa1123-ac firmware 
Product: Nwa1100-nh firmware 
Product: Pmg5318-b20a firmware 

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

 References:
http://www.kb.cert.org/vuls/id/566724
http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml

Related CVE
CVE-2019-12583
Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate guest accounts by directly accessing the account generator. This can lead to unauthorised network access or Denial ...
CVE-2019-12581
A reflective Cross-site scripting (XSS) vulnerability in the free_time_failed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or HTML via the err_msg parameter.
CVE-2019-6725
The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 (2.00(AAKK.3)) devices. After accessing the page, the admin user's password can be obtained by viewing the HTML source code, and the interface of the modem ca...
CVE-2017-18374
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has two user accounts with default passwords, including a hardcoded service account with the username true and password true. These accounts can be us...
CVE-2017-18372
The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerability in the Time Setting function, which is only accessible by an authenticated user. The vulnerability is in the tools_time.asp pag...
CVE-2017-18371
The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username superv...
CVE-2017-18370
The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user. The vulnerability is in the logSet.as...
CVE-2017-18368
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability ...

Copyright 2019, cxsecurity.com

 

Back to Top