2 matches found
SSL / TLS Certificate Known Hard Coded Private Keys
The remote host is running a service that is using a publicly known SSL / TLS private key. An attacker may use this key to decrypt intercepted traffic between users and the device. A remote attacker can also perform a man-in-the-middle attack in order to gain access to the system or modify data i...
CVE-2015-7256
CVE-2015-7256 affects multiple ZyXEL devices (NWA1100-N/NH/NWA1121-NI/NWA1123-AC/NWA1123-NI, DSL CPEs, small business gateways, switches, etc.) where non-unique X.509 certificates and SSH host keys are used across devices. Root cause: embedded devices reuse certificates/keys, enabling impersonati...