Vulnerabilidades em meshtastic
14 resultadosCVE-2025-24797CRITICALMeshtastic incorrectly hands malformed packets leads to controlled buffer overflowEPSS 0.7%CVE-2024-45038HIGHDevice crash via malformed MQTT packet when downlink is enabled in Meshtastic device firmwareEPSS 0.6%CVE-2024-47078HIGHMeshtastic firmware Authentication/Authorization Bypass via MQTTEPSS 0.5%CVE-2025-52464CRITICALMeshtastic Repeated Public and Private KeypairsEPSS 0.4%CVE-2024-51500MEDIUMFailure to check for packets from the broadcast address allows potential DDoS amplification attack in Meshtastic firmwareEPSS 0.4%CVE-2025-55293CRITICALMeshtastic allows crafting of specific NodeInfo packets that overwrite any publicKey saved in the NodeDBEPSS 0.4%CVE-2025-24798MEDIUMMeshtastic crashes via an unimplemented routing module replyEPSS 0.4%CVE-2025-21608MEDIUMForged packets over MQTT can show up in direct messages in Meshtastic firmwareEPSS 0.3%CVE-2025-53637MEDIUMMeshtastic allows Command Injection in GitHub ActionEPSS 0.3%CVE-2024-47065LOWTraceroute_APP responses are not rate-limited.EPSS 0.2%CVE-2025-52883MEDIUMMeshtastic-Android vulnerable to forged DMs with no PKC showing up as encryptedEPSS 0.2%CVE-2025-53627MEDIUMMeshtastic firmware allows forged DMs with no PKC to show up as encryptedEPSS 0.2%CVE-2024-47079MEDIUMUnauthorized usage of remote hardware module because of missing channel verificationEPSS 0.2%CVE-2025-55292HIGHIn Meshtastic, an attacker can spoof licensed amateur flag for a nodeEPSS 0.1%