Lucene search
CertccCVE-2015-7287HistoryNov 25, 2015 - 4:59 a.m.
CVE-2015-7287
2015-11-2504:59:04
CWE-255
certcc
web.nvd.nist.gov
31
cve-2015-7287
csl dualcom
gprs
cs2300-r
firmware vulnerability
pin vulnerability
remote execution
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
Low
EPSS
0.021
Percentile
89.2%
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers’ installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message.
Affected configurations
Node
csl_dualcomgprs_cs2300-r_firmwareMatch1.25
ORcsl_dualcomgprs_cs2300-r_firmwareMatch3.53
csl_dualcomgprsMatchcs2300-r
| Vendor | Product | Version | CPE |
|---|---|---|---|
| csl_dualcom | gprs_cs2300-r_firmware | 1.25 | cpe:2.3:o:csl_dualcom:gprs_cs2300-r_firmware:1.25:*:*:*:*:*:*:* |
| csl_dualcom | gprs_cs2300-r_firmware | 3.53 | cpe:2.3:o:csl_dualcom:gprs_cs2300-r_firmware:3.53:*:*:*:*:*:*:* |
| csl_dualcom | gprs | cs2300-r | cpe:2.3:h:csl_dualcom:gprs:cs2300-r:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-7287
2015-11-25 02:00:00
prion
prion
Design/Logic Flaw
2015-11-25 04:59:00
nvd
nvd
CVE-2015-7287
2015-11-25 04:59:04
cert
cert
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
Low
EPSS
0.021
Percentile
89.2%
Related for CVE-2015-7287