Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
goTenna Pro ATAK Plugin Missing Support for Integrity Check
Vulnerability Description
The goTenna Pro ATAK Plugin uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message. It is advised to continue to use encryption in the plugin and update to the current release for enhanced encryption protocols.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
缺失完整性检查支持
Vulnerability Title
goTenna Pro 安全漏洞
Vulnerability Description
goTenna Pro是goTenna公司的一系列可为离网通信和态势感知创建网络的设备。 goTenna Pro 1.9.12及之前版本存在安全漏洞,该漏洞源于使用AES CTR模式加密短消息时未附加任何完整性检查机制,这使得消息容易被能够访问到消息的攻击者篡改。
CVSS Information
N/A
Vulnerability Type
N/A