Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCollect in internal/uplink/collect.go. NOTE: the vendor's position is that there are no "guarantees that allowing untrusted LoRa gateways to the network should still result in a secure network.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ChirpStack Network Server 输入验证错误漏洞
Vulnerability Description
ChirpStack Network Server是个人开发者的一个开源的 LoRaWAN 服务。该软件应用于物联网的无线连接方面,具备低功耗、长距离和高容量等特性。 ChirpStack Network Server 3.9.0版本存在输入验证错误漏洞,该漏洞源于不准确的重复帧数据删除过程允许恶意网关通过internal/uplink/collect.go中错误的频率属性和calloncecollect执行上行拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A