Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Support for Integrity Check in goTenna Pro
Vulnerability Description
The goTenna Pro App uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message. It is recommended to continue to use encryption in the app and update to the current release for more secure operations.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
缺失完整性检查支持
Vulnerability Title
goTenna Pro 安全漏洞
Vulnerability Description
goTenna Pro是goTenna公司的一系列可为离网通信和态势感知创建网络的设备。 goTenna Pro存在安全漏洞,该漏洞源于对简短的加密消息使用 AES CTR 模式,而无需任何额外的完整性检查机制。
CVSS Information
N/A
Vulnerability Type
N/A