CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a "4 2" command.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/428280 | Third Party Advisory US Government Resource |
http://www.kb.cert.org/vuls/id/BLUU-A3NQAL | Third Party Advisory US Government Resource |
http://cybergibbons.com/?p=2844 | Exploit |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2015-11-24 20:59
Updated : 2015-11-25 08:44
NVD link : CVE-2015-7288
Mitre link : CVE-2015-7288
JSON object : View
CWE
CWE-254
7PK - Security Features
Products Affected
csl_dualcom
- gprs_cs2300-r_firmware
- gprs