Some USB modems can be leveraged to send malicious SMS messages and carry out spear-phishing attacks sometimes in conjunction with each other thanks to a cross-site request forgery vulnerability present in the device s web interfaces. Swedish security researcher Andreas Lindh says the problem is present in 3G and 4G modems that plug into machines and connect to the Internet through a built-in SIM card. He claims he hasn t had time to notify the vendor yet so has held off on naming the specific USB modem used in his exploit. The vulnerability lets Lindh edit the HTTP POST request method without having to worry about bypassing authentication.
Source: https://threatpost.com/using-usb-modems-to-phish-and-send-malicious-sms-messages/103939/