2 matches found
CVE-2022-42982
BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without authentication. The NTRIP sourcetable is typically quite long tens of kBs and can be requested with a packet of only 30 bytes. This presents a vector that can be used for UDP amplification attacks...
CVE-2022-42982
CVE-2022-42982 affects BKG Professional NtripCaster 2.0.39. The issue allows querying the NTRIP sourcetable over UDP without authentication, enabling a potential UDP amplification vector because the sourcetable is long yet can be retrieved with a small packet. Normally, UDP-only data is authentic...