Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Forged packets over MQTT can show up in direct messages in Meshtastic firmware
Vulnerability Description
Meshtastic is an open source mesh networking solution. In affected firmware versions crafted packets over MQTT are able to appear as a DM in client to a node even though they were not decoded with PKC. This issue has been addressed in version 2.5.19 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Information
N/A
Vulnerability Type
将资源暴露给错误范围
Vulnerability Title
Meshtastic device firmware 安全漏洞
Vulnerability Description
Meshtastic device firmware是Meshtastic开源的一种用于 Meshtastic 设备运行开源、离网、去中心化网状网络的固件。 Meshtastic device firmware存在安全漏洞,该漏洞源于未正确验证MQTT数据包。攻击者利用该漏洞可以伪造消息。
CVSS Information
N/A
Vulnerability Type
N/A