CVE-2025-32888

Опубликовано: 01 мая 2025

Источник: nvd

CVSS3: 7.3

CVSS3: 8.8

EPSS Низкий

Описание

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The verification token used for sending SMS through a goTenna server is hardcoded in the app.

Ссылки

https://github.com/Dollarhyde/goTenna_v1_and_Mesh_vulnerabilities
Third Party Advisory
https://gotenna.com
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:gotenna:mesh_firmware:1.1.12:*:*:*:*:*:*:*

cpe:2.3:h:gotenna:mesh:-:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:a:gotenna:gotenna:5.5.3:*:*:*:*:-:*:*

EPSS

Процентиль: 6%

0.00025

Низкий

7.3 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-798

Связанные уязвимости

GHSA-jqgh-w22q-m24f

CVSS3: 7.3

github

9 месяцев назад

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The verification token used for sending SMS through a goTenna server is hardcoded in the app.

EPSS

Процентиль: 6%

0.00025

Низкий

7.3 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-798