DJI Spark 01.00.0900 allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to send many DHCP request packets.
Max CVSS
9.1
EPSS Score
0.17%
Published
2023-03-27
Updated
2023-04-03
DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone operator's physical location via the AeroScope protocol.
Max CVSS
7.5
EPSS Score
0.12%
Published
2022-04-29
Updated
2022-05-13
A command injection issue in dji_sys in DJI Mavic 2 Remote Controller before firmware version 01.00.0510 allows for code execution via a malicious firmware upgrade packet.
Max CVSS
7.8
EPSS Score
0.13%
Published
2021-02-18
Updated
2021-07-21
Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x allow user-assisted remote attackers to execute arbitrary code via a long (1) DataPath or (2) DownloadPath attributed in a (a) NBI file, or (3) a long group field in a (b) NZB file.
Max CVSS
9.3
EPSS Score
21.27%
Published
2007-02-22
Updated
2017-10-11
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!