Описание
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message.
Ссылки
- Exploit
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- Exploit
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:csl_dualcom:gprs_cs2300-r_firmware:1.25:*:*:*:*:*:*:*
cpe:2.3:o:csl_dualcom:gprs_cs2300-r_firmware:3.53:*:*:*:*:*:*:*
cpe:2.3:h:csl_dualcom:gprs:cs2300-r:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05707
Низкий
7.5 High
CVSS2
Дефекты
CWE-255
Связанные уязвимости
github
около 3 лет назад
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message.
EPSS
Процентиль: 90%
0.05707
Низкий
7.5 High
CVSS2
Дефекты
CWE-255