VYPR

CS2300-R

by CSL DualCom

CVEs (3)

  • CVE-2015-7288Nov 25, 2015
    risk 0.00cvss epss 0.02

    CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to modify the configuration via a command in an SMS message, as demonstrated by a "4 2" command.

  • CVE-2015-7286Nov 25, 2015
    risk 0.00cvss epss 0.02

    CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic.

  • CVE-2015-7285Nov 25, 2015
    risk 0.00cvss epss 0.01

    CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response.