CVE-2015-7288

Name of the Vulnerable Software and Affected Versions CSL DualCom GPRS CS2300-R devices versions 1.25 through 3.53

Description The issue allows remote attackers to modify the configuration of the devices via a command in an SMS message. For example, a "4 2" command can be used to achieve this.

Recommendations For versions 1.25 through 3.53, consider disabling the ability to receive configuration commands via SMS messages until a patch is available. Restrict access to the device configuration to minimize the risk of exploitation. Avoid using SMS messages to modify the device configuration until the issue is resolved.