CVE-2020-29664

2021-02-1812:59:43

mitre

www.cve.org

command injection

dji mavic 2

remote controller

cve-2020-29664

firmware upgrade packet

code execution

EPSS

0.001

Percentile

48.3%

JSON

A command injection issue in dji_sys in DJI Mavic 2 Remote Controller before firmware version 01.00.0510 allows for code execution via a malicious firmware upgrade packet.

References

hacktheplanet.nu/djihax.pdf

kth.diva-portal.org/smash/get/diva2:1463784/FULLTEXT01.pdf

gist.github.com/viktoredstrom/2f0463ebe7cd786904f229e11386e817

www.dji.com/mavic-2

EPSS

0.001

Percentile

48.3%

JSON

Related for CVELIST:CVE-2020-29664