CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response.

Product Status

Learn more

Information not provided

References 3 Total

kb.cert.org: VU#428280
external site
third-party-advisory
http://cybergibbons.com/?p=2844
external site
http://www.kb.cert.org/vuls/id/BLUU-A3NQAL
external site

Updated: 2024-08-06

This container includes required additional information provided by the CVE Program for this vulnerability.

References 3 Total

kb.cert.org: VU#428280
external site
third-party-advisoryx_transferred
http://cybergibbons.com/?p=2844
external site
x_transferred
http://www.kb.cert.org/vuls/id/BLUU-A3NQAL
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: CERT/CC

Description

Product Status

References 3 Total

CVE Program

References 3 Total