CVE-2015-7286

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:N
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
csl_dualcomgprs_cs2300-r_firmware
1.25
csl_dualcomgprs_cs2300-r_firmware
3.53
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://cybergibbons.com/?p=2844
http://www.kb.cert.org/vuls/id/428280
http://www.kb.cert.org/vuls/id/BLUU-A3NQAL
http://cybergibbons.com/?p=2844
http://www.kb.cert.org/vuls/id/428280
http://www.kb.cert.org/vuls/id/BLUU-A3NQAL