Lucene search
+L

41 matches found

NVD
NVD
added 2015/11/25 4:59 a.m.21 views

CVE-2015-7286

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic...

6.4CVSS6.9AI score0.02118EPSS
Exploits1References3
NVD
NVD
added 2015/11/25 4:59 a.m.22 views

CVE-2015-7285

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center ARC servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response...

5.8CVSS6.8AI score0.01497EPSS
Exploits1References3
Prion
Prion
added 2015/11/25 4:59 a.m.19 views

Command injection

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a "4 2" command...

4.3CVSS7.4AI score0.01654EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2015/11/25 4:59 a.m.17 views

Authentication flaw

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center ARC servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response...

5.8CVSS7.4AI score0.01497EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2015/11/25 4:59 a.m.20 views

Design/Logic Flaw

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message...

7.5CVSS7.9AI score0.03212EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2015/11/25 4:59 a.m.16 views

Hardcoded credentials

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic...

6.4CVSS7.4AI score0.02118EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2015/11/25 2:0 a.m.51 views

CVE-2015-7288

The CVE-2015-7288 entry affects CSL DualCom GPRS CS2300-R alarm signaling boards with firmware 1.25–3.53. A remote, unauthenticated attacker could modify device configuration via an SMS command (e.g., “4 2”). The CERT/CC entry expands on multiple issues in these devices (improper authentication, ...

4.3CVSS7.1AI score0.01654EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2015/11/25 2:0 a.m.39 views

CVE-2015-7286

CVE-2015-7286 affects CSL DualCom GPRS CS2300-R alarm signalling boards (firmware 1.25–3.53). The root cause is a proprietary, polyalphabetic substitution cipher with hardcoded keys, enabling a remote attacker to decrypt or manipulate communications between SPTs and ARC servers. The vulnerability...

6.4CVSS7.1AI score0.02118EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2015/11/25 2:0 a.m.55 views

CVE-2015-7287

The CVE-2015-7287 issue affects CSL DualCom GPRS CS2300-R alarm signaling boards (firmware 1.25–3.53). A non-unique, default PIN (001984) is used across installations, enabling remote command execution via SMS when knowledge of the PIN is included in a message. Impacted devices could be controlle...

7.5CVSS7.6AI score0.03212EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2015/11/25 2:0 a.m.45 views

CVE-2015-7285

The CVE-2015-7285 entry concerns CSL DualCom GPRS CS2300-R alarm signalling boards (firmware 1.25–3.53). The vulnerability is a lack of mutual authentication between CS2300-R SPTs and ARC polling servers, enabling MITM attackers to spoof HSxx responses and bypass access controls. Connected source...

5.8CVSS7.1AI score0.01497EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2015/11/25 2:0 a.m.20 views

CVE-2015-7285

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center ARC servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response...

6.8AI score0.01497EPSS
Exploits1References3
Cvelist
Cvelist
added 2015/11/25 2:0 a.m.27 views

CVE-2015-7286

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic...

6.8AI score0.02118EPSS
Exploits1References3
Cvelist
Cvelist
added 2015/11/25 2:0 a.m.25 views

CVE-2015-7287

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message...

7.4AI score0.03212EPSS
Exploits1References3
Cvelist
Cvelist
added 2015/11/25 2:0 a.m.26 views

CVE-2015-7288

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a "4 2" command...

6.9AI score0.01654EPSS
Exploits1References3
CNVD
CNVD
added 2015/11/25 12:0 a.m.6 views

CSL DualCom GPRS CS2300-R SPT is vulnerable (CNVD-2015-07790)

The CSL DualCom GPRS CS2300-R SPT is an alarm signaling board from CSL DualCom, UK, which provides a communication link between the burglar alarm and the monitoring center, allowing signals to be sent to the monitoring center when the alarm goes off, via the mobile network, ordinary phone lines o...

6.4CVSS7.1AI score0.02118EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.35 views

CorelDRAW X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll)

No description provided by source. / CorelDRAW X3 v13.0.0.576 crlrib.dll DLL Hijacking Exploit Vendor: Corel Corporation Product Web Page: http://www.corel.com Affected Version: X3 v13.0.0.576 Summary: Graphic design software for striking visual communication. Desc: CorelDRAW X3 suffers from a dl...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/06/30 12:0 a.m.25 views

Code Snippets 0.9 Insecure Session

--------------------------------------- Author : L3b-r1'z Title : Code Snippets Version 0,9 insecure session Date : 6/30/2012 Email : [email protected] Site : Sec4Ever.com & Exploit4arab.com Google Dork : allintext: "Powered by: PHP-CSL V0.9" Version : 1.1.0 6/30/2012 - Vulnerability discovered...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2011/08/25 1:54 a.m.5 views

CSLSecurity Hacked by TeaMp0isoN

CSLSecurity Hacked by TeaMp0isoN CSL Security hacked by TeaMp0isoN. CSL Security claim to be "New LulzSec " type hacking Group. Their goal is to show that most of the important websites are vulnerable,They claim to show that any system can be compromised, nothing is secure. They Hit Sites,...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2011/08/22 3:46 p.m.14 views

Metropolitan UK Police hacked for #Antisec by CSL Security using SQL injection Vulnerability

Metropolitan UK Police hacked for Antisec by CSL Security using SQL injection Vulnerability One of the Anonymous Hacker "CSL Security" expose SQL Injection Vulnerability in Metropolitan UK Police website via Twitter. He posted the stuff on Pastebin. Vulnerable link is also posted by hacker. Where...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2011/08/22 3:46 p.m.2 views

Metropolitan UK Police hacked for #Antisec by CSL Security using SQL injection Vulnerability

Metropolitan UK Police hacked for Antisec by CSL Security using SQL injection Vulnerability One of the Anonymous Hacker "CSL Security " expose SQL Injection Vulnerability in Metropolitan UK Police website via Twitter. He posted the stuff on Pastebin. Vulnerable link is also posted by hacker. Wher...

8.7AI score
Exploits0
Rows per page
Query Builder