Search criteria
8 vulnerabilities found for gprs_cs2300-r_firmware by csl_dualcom
CVE-2015-7288 (GCVE-0-2015-7288)
Vulnerability from nvd – Published: 2015-11-25 02:00 – Updated: 2024-08-06 07:43
VLAI?
Summary
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a "4 2" command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:46.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a \"4 2\" command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-25T04:57:04.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7288",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a \"4 2\" command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#428280",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"name": "http://cybergibbons.com/?p=2844",
"refsource": "MISC",
"url": "http://cybergibbons.com/?p=2844"
},
{
"name": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-7288",
"datePublished": "2015-11-25T02:00:00.000Z",
"dateReserved": "2015-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:43:46.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7287 (GCVE-0-2015-7287)
Vulnerability from nvd – Published: 2015-11-25 02:00 – Updated: 2024-08-06 07:43
VLAI?
Summary
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:46.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers\u0027 installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-25T04:57:04.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7287",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers\u0027 installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#428280",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"name": "http://cybergibbons.com/?p=2844",
"refsource": "MISC",
"url": "http://cybergibbons.com/?p=2844"
},
{
"name": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-7287",
"datePublished": "2015-11-25T02:00:00.000Z",
"dateReserved": "2015-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:43:46.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7286 (GCVE-0-2015-7286)
Vulnerability from nvd – Published: 2015-11-25 02:00 – Updated: 2024-08-06 07:43
VLAI?
Summary
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:46.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-25T04:57:04.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#428280",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"name": "http://cybergibbons.com/?p=2844",
"refsource": "MISC",
"url": "http://cybergibbons.com/?p=2844"
},
{
"name": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-7286",
"datePublished": "2015-11-25T02:00:00.000Z",
"dateReserved": "2015-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:43:46.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7285 (GCVE-0-2015-7285)
Vulnerability from nvd – Published: 2015-11-25 02:00 – Updated: 2024-08-06 07:43
VLAI?
Summary
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:46.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-25T04:57:04.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#428280",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"name": "http://cybergibbons.com/?p=2844",
"refsource": "MISC",
"url": "http://cybergibbons.com/?p=2844"
},
{
"name": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-7285",
"datePublished": "2015-11-25T02:00:00.000Z",
"dateReserved": "2015-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:43:46.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7285 (GCVE-0-2015-7285)
Vulnerability from cvelistv5 – Published: 2015-11-25 02:00 – Updated: 2024-08-06 07:43
VLAI?
Summary
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:46.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-25T04:57:04.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#428280",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"name": "http://cybergibbons.com/?p=2844",
"refsource": "MISC",
"url": "http://cybergibbons.com/?p=2844"
},
{
"name": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-7285",
"datePublished": "2015-11-25T02:00:00.000Z",
"dateReserved": "2015-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:43:46.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7286 (GCVE-0-2015-7286)
Vulnerability from cvelistv5 – Published: 2015-11-25 02:00 – Updated: 2024-08-06 07:43
VLAI?
Summary
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:46.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-25T04:57:04.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#428280",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"name": "http://cybergibbons.com/?p=2844",
"refsource": "MISC",
"url": "http://cybergibbons.com/?p=2844"
},
{
"name": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-7286",
"datePublished": "2015-11-25T02:00:00.000Z",
"dateReserved": "2015-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:43:46.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7287 (GCVE-0-2015-7287)
Vulnerability from cvelistv5 – Published: 2015-11-25 02:00 – Updated: 2024-08-06 07:43
VLAI?
Summary
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:46.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers\u0027 installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-25T04:57:04.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7287",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers\u0027 installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#428280",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"name": "http://cybergibbons.com/?p=2844",
"refsource": "MISC",
"url": "http://cybergibbons.com/?p=2844"
},
{
"name": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-7287",
"datePublished": "2015-11-25T02:00:00.000Z",
"dateReserved": "2015-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:43:46.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7288 (GCVE-0-2015-7288)
Vulnerability from cvelistv5 – Published: 2015-11-25 02:00 – Updated: 2024-08-06 07:43
VLAI?
Summary
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a "4 2" command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:46.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a \"4 2\" command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-25T04:57:04.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#428280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cybergibbons.com/?p=2844"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7288",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a \"4 2\" command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#428280",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"name": "http://cybergibbons.com/?p=2844",
"refsource": "MISC",
"url": "http://cybergibbons.com/?p=2844"
},
{
"name": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-7288",
"datePublished": "2015-11-25T02:00:00.000Z",
"dateReserved": "2015-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:43:46.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}