CVE-2023-51456

A Improper Input Validation issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to trigger an out-of-bound read/write into the process memory through a crafted payload due to a missing input sanity check in the v2packarraytomsg function...

CVE-2023-51455

A Improper Validation of Array Index issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to corrupt a controlled memory location due to a missing input validation in the onreceivesessionpacketack function implemented in the libv2sdk.so...

CVE-2023-51453

A Improper Input Validation issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payload triggering a missing input size check in the processpushfile function implemented in the libv2sdk....

CVE-2023-6948

CVE-2023-6948 affects DJI drone devices running v2_sdk_service on port 10000. The issue is a Buffer Copy without Checking Size of Input in sdk_printf within libv2_sdk.so used by the dji_vtwo_sdk binary, enabling a crafted payload to crash the service and cause denial of service (availability impa...