Vulnerabilities (CVE)

Filtered by vendor Csl Dualcom Subscribe
Filtered by product Gprs Cs2300-r Firmware
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-7288 1 Csl Dualcom 2 Gprs, Gprs Cs2300-r Firmware 2024-11-21 4.3 MEDIUM N/A
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a "4 2" command.
CVE-2015-7287 1 Csl Dualcom 2 Gprs, Gprs Cs2300-r Firmware 2024-11-21 7.5 HIGH N/A
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message.
CVE-2015-7286 1 Csl Dualcom 2 Gprs, Gprs Cs2300-r Firmware 2024-11-21 6.4 MEDIUM N/A
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic.
CVE-2015-7285 1 Csl Dualcom 2 Gprs, Gprs Cs2300-r Firmware 2024-11-21 5.8 MEDIUM N/A
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response.