641
|
- |
|
-
|
-
|
A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI drones could allow a remote attacker to derive the WPA2 PSK key and authenticate without permission to th…
Update
|
CWE-334
Small Space of Random Values
|
CVE-2023-6951
|
2024-09-30 19:15 |
2024-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
642
|
- |
|
-
|
-
|
An Improper Input Validation vulnerability affecting the FTP service running on the DJI Mavic Mini 3 Pro could allow an attacker to craft a malicious packet containing a malformed path provided to th…
Update
|
-
|
CVE-2023-6950
|
2024-09-30 19:15 |
2024-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
643
|
- |
|
-
|
-
|
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to trigger an out-of-bound read/write into the process m…
Update
|
CWE-125 CWE-787
Out-of-bounds Read Out-of-bounds Write
|
CVE-2023-51456
|
2024-09-30 19:15 |
2024-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
644
|
- |
|
-
|
-
|
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payloa…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-51453
|
2024-09-30 19:15 |
2024-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
645
|
- |
|
-
|
-
|
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payloa…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-51452
|
2024-09-30 19:15 |
2024-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
646
|
- |
|
-
|
-
|
A CWE-862 “Missing Authorization” vulnerability in the “measure” functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue a…
Update
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2023-45598
|
2024-09-30 19:15 |
2024-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
647
|
- |
|
-
|
-
|
A CWE-862 “Missing Authorization” vulnerability in the “file_configuration” functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. T…
Update
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2023-45596
|
2024-09-30 19:15 |
2024-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
648
|
- |
|
-
|
-
|
A CWE-693 “Protection Mechanism Failure” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” ) allows a physical attacker to re…
Update
|
CWE-184
Incomplete Blacklist
|
CVE-2023-45593
|
2024-09-30 19:15 |
2024-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
649
|
8.1 |
HIGH
Adjacent
|
bluemark
|
dronescout_ds230_firmware
|
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection.
An attacker can exploit this vulnerability by injecting, on …
Update
|
CWE-223
|
CVE-2023-31191
|
2024-09-30 19:15 |
2023-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
650
|
8.1 |
HIGH
Network
|
bluemark
|
dronescout_ds230_firmware
|
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure.
Specifically, the firmware update procedur…
Update
|
CWE-295
Improper Certificate Validation
|
CVE-2023-31190
|
2024-09-30 19:15 |
2023-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|