PT-2017-7167 · Zte · Hg110+5
Published: 2017-08-29 · Updated: 2017-09-12 · CVE-2015-7255
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
ZTE OX-330P
ZXHN H108N
W300V1.0.0S ZRD TR1 D68
HG110
GAN9.8T101A-B
MF28G
Description
The affected devices use non-unique X.509 certificates and SSH host keys, which allows remote attackers to obtain credentials or other sensitive information via a man-in-the-middle attack, a passive decryption attack, or by impersonating a legitimate device.
Recommendations
For ZTE OX-330P, update the X.509 certificates and SSH host keys to unique values.
For ZXHN H108N, update the X.509 certificates and SSH host keys to unique values.
For W300V1.0.0S ZRD TR1 D68, update the X.509 certificates and SSH host keys to unique values.
For HG110, update the X.509 certificates and SSH host keys to unique values.
For GAN9.8T101A-B, update the X.509 certificates and SSH host keys to unique values.
For MF28G, update the X.509 certificates and SSH host keys to unique values.
As a temporary workaround, consider restricting access to sensitive information until unique X.509 certificates and SSH host keys are implemented.
Fix
Information Disclosure
Affected Products
Gan9.8T101A-B
Hg110
Mf28G
W300V1.0.0S Zrd Tr1 D68
Zte Ox-330P
Zxhn H108N