Vulnerability Description
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a "4 2" command.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Csl Dualcom | Gprs Cs2300-R Firmware | 1.25 |
| Csl Dualcom | Gprs | cs2300-r |
Related Weaknesses (CWE)
References
- http://cybergibbons.com/?p=2844Exploit
- http://www.kb.cert.org/vuls/id/428280Third Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/BLUU-A3NQALThird Party AdvisoryUS Government Resource
- http://cybergibbons.com/?p=2844Exploit
- http://www.kb.cert.org/vuls/id/428280Third Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/BLUU-A3NQALThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2015-7288?
CVE-2015-7288 is a vulnerability with a CVSS score of 4.3 (MEDIUM). CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a "4 2" command.
How severe is CVE-2015-7288?
CVE-2015-7288 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-7288?
Check the references section above for vendor advisories and patch information. Affected products include: Csl Dualcom Gprs Cs2300-R Firmware, Csl Dualcom Gprs.