CVE-2022-46416

Опубликовано: 27 мар. 2023

Источник: nvd

CVSS3: 9.1

CVSS3: 5.9

EPSS Низкий

Описание

Parrot Bebop 4.7.1. allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to send many DHCP request packets.

Ссылки

https://github.com/bosslabdcu/Vulnerability-Reporting/security/advisories/GHSA-4xx4-r27p-wcrv
Third Party Advisory
https://smartstore.naver.com/chachablues/products/6617613337
Product
https://smartstore.naver.com/hancomawesome-tech/products/5367473135
Product
https://github.com/bosslabdcu/Vulnerability-Reporting/security/advisories/GHSA-4xx4-r27p-wcrv
Third Party Advisory
https://smartstore.naver.com/chachablues/products/6617613337
Product
https://smartstore.naver.com/hancomawesome-tech/products/5367473135
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:parrot:bebop_firmware:4.7.1:*:*:*:*:*:*:*

cpe:2.3:h:parrot:bebop:-:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00396

Низкий

9.1 Critical

CVSS3

5.9 Medium

CVSS3

Дефекты

CWE-770

EPSS

Процентиль: 60%

0.00396

Низкий

9.1 Critical

CVSS3

5.9 Medium

CVSS3

Дефекты

CWE-770