{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-11-05T00:00:00", "descriptions": [{"lang": "en", "value": "ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "VU#566724", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/566724"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2015-7256", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "VU#566724", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/566724"}, {"name": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml", "refsource": "CONFIRM", "url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:43:45.967Z"}, "title": "CVE Program Container", "references": [{"name": "VU#566724", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/566724"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2015-7256", "datePublished": "2017-09-27T18:00:00", "dateReserved": "2015-09-18T00:00:00", "dateUpdated": "2024-08-06T07:43:45.967Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa1100-n_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D2E585A-9A92-4A4A-9496-61C3F9AD74C0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa1100-n:-:*:*:*:*:*:*:*", "matchCriteriaId": "6904F1E3-5032-4FC8-95C9-1E2267A19382", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa1100-nh_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDF4B052-913F-477D-BCCC-2CE965F6FE13", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa1100-nh:-:*:*:*:*:*:*:*", "matchCriteriaId": "F73B7235-D7A0-4931-A92E-4B1BEE2102F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa1121-ni_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CCCE350-59AB-42A1-AA17-F82289D5BCF4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa1121-ni:-:*:*:*:*:*:*:*", "matchCriteriaId": "5156EAF7-E47F-4A8A-BB6C-047969276060", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa1123-ac_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "30A700E3-2BC9-4BCF-A0FC-F7EFB1DF7392", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa1123-ac:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4261C53-83AC-4440-8408-7A8DFFE10F04", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa1123-ni_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "258C8E28-0C36-4B59-A047-938779FECD9A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa1123-ni:-:*:*:*:*:*:*:*", "matchCriteriaId": "98A7D843-1F0F-4173-A581-73B60130C7EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-660hn-51_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8C16165B-FD30-43B0-965E-CBC8C46B1DB7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-660hn-51:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0138796-FFDC-4976-83AB-018DD7CD7D5F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-663hn-51_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "04DAE774-A4DE-4F56-A22B-0C2AE261BEDC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-663hn-51:-:*:*:*:*:*:*:*", "matchCriteriaId": "1F2A8EAA-E91F-48D8-82F9-0719C6F6BB2F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg1312-b10a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8CC0C61-EB6A-4736-80E3-B69693D4A2B1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg1312-b10a:-:*:*:*:*:*:*:*", "matchCriteriaId": "7B6C4A31-3B83-444F-B5F8-1397B43B2211", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg1312-b30a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9B0F62E6-04C9-4611-8C82-80DD8D58757F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg1312-b30a:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD5CB070-4FD9-4393-94BF-40E3FD0C596F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg1312-b30b_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C4A52F8-F5FD-4E53-BBE6-69F673A7904B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg1312-b30b:-:*:*:*:*:*:*:*", "matchCriteriaId": "C5CF7CD5-ADE5-4F77-9F81-C0FF32A5E267", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg4380-b10a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4808FDF8-4815-4C4F-AFE7-31EADE517B31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg4380-b10a:-:*:*:*:*:*:*:*", "matchCriteriaId": "88BA2BDF-9ACA-4F89-B7B7-FD232A6399CD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg8324-b10a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FF0AFA0F-D126-4D1C-89EC-878AB0F5E74C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg8324-b10a:-:*:*:*:*:*:*:*", "matchCriteriaId": "53C32749-82A6-42AA-9EBE-11014F161D2F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg8924-b10a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "11BEC42C-7815-4EA3-B1E5-66E2443B5032", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg8924-b10a:-:*:*:*:*:*:*:*", "matchCriteriaId": "96DC6BBF-15B8-496F-85FE-5373B6CEDC3C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg8924-b30a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CB88CC1-9F13-4EB1-AF6D-5ED44EFB9868", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg8924-b30a:-:*:*:*:*:*:*:*", "matchCriteriaId": "89D58204-B0DB-4C36-A619-FA5969797CF2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vsg1435-b101_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F5047833-C798-4111-8C97-CE9B70F7834D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vsg1435-b101:-:*:*:*:*:*:*:*", "matchCriteriaId": "C31517DD-3D1B-4F9D-8673-145927CADFBB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:pmg5318-b20a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "41AF2B1B-A5BB-4F40-9C30-6AD665AE5596", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:pmg5318-b20a:-:*:*:*:*:*:*:*", "matchCriteriaId": "2EF6C90D-9BF3-4302-B834-BC897473E502", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:sbg3300-n000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "852E8F04-4C28-4904-AA4A-ACE4EAD6DC31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:sbg3300-n000:-:*:*:*:*:*:*:*", "matchCriteriaId": "902A735D-2D84-4183-B4B3-FA36AD9F13A5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:sbg3300-nb00_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B338AE18-ECE4-4B90-A1D5-16F2983464E7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:sbg3300-nb00:-:*:*:*:*:*:*:*", "matchCriteriaId": "E4658399-1699-4426-ACFF-BDEE20BF1A54", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:sbg3500-n000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BC4B86C-ED2F-406D-BCAA-B970BAD248D8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:sbg3500-n000:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1E3BCE8-F36A-4FFE-933B-6BADF24506AF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:gs1900-8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "316DC84A-7B3C-4396-A0BD-EAA3B5DA0476", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:gs1900-8:-:*:*:*:*:*:*:*", "matchCriteriaId": "51D33F50-B5A4-4AEF-972C-7FF089C21D52", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:gs1900-24_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "91426AF7-9D95-486F-9155-B4F9636F3CEB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:gs1900-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4F55299-70D5-4CE1-A1EC-D79B469B94F7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:c1000z_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC9FB893-7F6A-48AD-B3C8-FC85A6A80CEB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:c1000z:-:*:*:*:*:*:*:*", "matchCriteriaId": "812C4AFE-364D-4D18-A79F-6CD98EDDC3B6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:q1000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8090C667-2E54-462F-BD5A-DF7854252A0B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:q1000:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F2A44DC-DFB9-46A8-BD9B-B207BBFFD764", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:fr1000z_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "23ADD49B-C666-4E28-813A-55DB6BEF4EB4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:fr1000z:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA597CC9-92FE-47AC-86F9-FA5B2E032961", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p8702n_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "59D9B829-FD92-46D2-840F-A99E5FF0DC4C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p8702n:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C906711-7699-4A0A-BA3C-7A007EDF301E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys."}, {"lang": "es", "value": "Los puntos de acceso ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, NWA1123-NI; los CPE DSL P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, VSG1435-B101; las puertas de enlace para peque\u00f1as empresas PMG5318-B20A GPON, SBG3300-N000, SBG3300-NB00, SBG3500-N000; los switches GS1900-8 y GS1900-24 y los modelos de m\u00f3dem C1000Z, Q1000, FR1000Z, P8702N emplean certificados X.509 y claves host de SSH que no son \u00fanicos."}], "id": "CVE-2015-7256", "lastModified": "2017-10-11T17:59:55.210", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-09-28T01:29:00.670", "references": [{"source": "cret@cert.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/566724"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}