TROYANOSYVIRUS
Voltar para CVEs

CVE-2015-7287

N/A

Descricao

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message.

Detalhes CVE

Pontuacao CVSS v3.1N/A
Publicado11/25/2015
Ultima modificacao4/12/2025
Fontenvd
Avistamentos honeypot0

Produtos afetados

csl_dualcom:gprscsl_dualcom:gprs_cs2300-r_firmware

Fraquezas (CWE)

CWE-255

Referencias

http://cybergibbons.com/?p=2844(cret@cert.org)
http://www.kb.cert.org/vuls/id/428280(cret@cert.org)
http://www.kb.cert.org/vuls/id/BLUU-A3NQAL(cret@cert.org)
http://cybergibbons.com/?p=2844(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/428280(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/BLUU-A3NQAL(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.