CVE-2015-7286 Information

Description

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic.

Reference

http://cybergibbons.com/?p=2844 http://www.kb.cert.org/vuls/id/428280 http://www.kb.cert.org/vuls/id/BLUU-A3NQAL