CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-7286

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.4%

CVSS Severity

CVSS v2 Score 6.4

References

http://cybergibbons.com/?p=2844
http://www.kb.cert.org/vuls/id/428280
http://www.kb.cert.org/vuls/id/BLUU-A3NQAL
http://cybergibbons.com/?p=2844
http://www.kb.cert.org/vuls/id/428280
http://www.kb.cert.org/vuls/id/BLUU-A3NQAL

Products affected by CVE-2015-7286

Csl Dualcom » Gprs » Version: cs2300-r

cpe:2.3:h:csl_dualcom:gprs:cs2300-r
Csl Dualcom » Gprs Cs2300-R Firmware » Version: 1.25

cpe:2.3:o:csl_dualcom:gprs_cs2300-r_firmware:1.25
Csl Dualcom » Gprs Cs2300-R Firmware » Version: 3.53

cpe:2.3:o:csl_dualcom:gprs_cs2300-r_firmware:3.53

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-7286

Products

Pricing

Contact Us