Lucene search
K

108 matches found

NVD
NVD
added 2024/04/02 11:15 a.m.18 views

CVE-2023-51452

A Improper Input Validation issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payload triggering a missing input size check in the pullfilev2proc function implemented in the libv2sdk.s...

3CVSS3.9AI score0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/02 10:31 a.m.13 views

CVE-2023-51456

A Improper Input Validation issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to trigger an out-of-bound read/write into the process memory through a crafted payload due to a missing input sanity check in the v2packarraytomsg function...

6.8CVSS7.7AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2024/04/02 10:31 a.m.46 views

CVE-2023-51456

CVE-2023-51456 affects DJI drone devices via an Improper Input Validation in the v2_pack_array_to_msg function of libv2_sdk.so used by the v2_sdk_service on port 10000. The issue allows out-of-bounds read/write in memory, risking memory information leaks or arbitrary code execution. Affected: Mav...

6.8CVSS7.4AI score0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/02 10:31 a.m.22 views

CVE-2023-51456

A Improper Input Validation issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to trigger an out-of-bound read/write into the process memory through a crafted payload due to a missing input sanity check in the v2packarraytomsg function...

6.8CVSS7.1AI score0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/02 10:31 a.m.27 views

CVE-2023-51455

A Improper Validation of Array Index issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to corrupt a controlled memory location due to a missing input validation in the onreceivesessionpacketack function implemented in the libv2sdk.so...

6.8CVSS7.1AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2024/04/02 10:31 a.m.43 views

CVE-2023-51455

CVE-2023-51455 concerns an Improper Validation of Array Index in the v2_sdk_service on DJI devices, specifically in the on_receive_session_packet_ack function of libv2_sdk.so used by the dji_vtwo_sdk service and exposed on port 10000. Affected devices/versions include Mavic 3 Pro < v01.01.0300...

6.8CVSS7.4AI score0.00245EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/02 10:31 a.m.4 views

CVE-2023-51455

A Improper Validation of Array Index issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to corrupt a controlled memory location due to a missing input validation in the onreceivesessionpacketack function implemented in the libv2sdk.so...

6.8CVSS7.5AI score0.00245EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/02 10:28 a.m.7 views

CVE-2023-51454

A Out-of-bounds Write issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to overwrite a pointer in the process memory through a crafted payload triggering an unsafe memory write operation in the mytcpreceive function implemented in the...

6.8CVSS7.5AI score0.00246EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/02 10:28 a.m.21 views

CVE-2023-51454

A Out-of-bounds Write issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to overwrite a pointer in the process memory through a crafted payload triggering an unsafe memory write operation in the mytcpreceive function implemented in the...

6.8CVSS7.1AI score0.00246EPSS
Exploits0References1
CVE
CVE
added 2024/04/02 10:28 a.m.51 views

CVE-2023-51454

The CVE-2023-51454 entry is supported by concrete details across connected sources: an out-of-bounds write in the v2_sdk_service listening on port 10000 of several DJI devices, caused by an unsafe memory write in my_tcp_receive in libv2_sdk.so. Affected are Mavic 3 Pro (< v01.01.0300), Mavic 3...

6.8CVSS7.4AI score0.00246EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/02 10:28 a.m.18 views

CVE-2023-51453

A Improper Input Validation issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payload triggering a missing input size check in the processpushfile function implemented in the libv2sdk....

3CVSS4.3AI score0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/02 10:28 a.m.9 views

CVE-2023-51453

A Improper Input Validation issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payload triggering a missing input size check in the processpushfile function implemented in the libv2sdk....

3CVSS6.9AI score0.0021EPSS
Exploits0References1
CVE
CVE
added 2024/04/02 10:28 a.m.46 views

CVE-2023-51453

CVE-2023-51453 : The vulnerability is an improper input validation in the v2_sdk_service used by DJI drone devices (ports 10000) that can crash the service via a crafted payload due to a missing input size check in the process_push_file function of the libv2_sdk.so library. Affected models and ve...

3CVSS6.8AI score0.0021EPSS
Exploits0References1
CVE
CVE
added 2024/04/02 10:28 a.m.43 views

CVE-2023-51452

The CVE-2023-51452 issue is an Improper Input Validation in DJI’s v2_sdk_service (listening on port 10000) that can crash the service via a crafted payload due to a missing input size check in the pull_file_v2_proc function within libv2_sdk.so used by dji_vtwo_sdk. Affected DJI devices and firmwa...

3CVSS6.8AI score0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/02 10:28 a.m.14 views

CVE-2023-51452

A Improper Input Validation issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payload triggering a missing input size check in the pullfilev2proc function implemented in the libv2sdk.s...

3CVSS6.9AI score0.0021EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/02 10:28 a.m.20 views

CVE-2023-51452

A Improper Input Validation issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payload triggering a missing input size check in the pullfilev2proc function implemented in the libv2sdk.s...

3CVSS4.3AI score0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/02 10:28 a.m.15 views

CVE-2023-6951

A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI drones could allow a remote attacker to derive the WPA2 PSK key and authenticate without permission to the drone’s Wi- Fi network. This, in turn, allows the attacker to perform unauthorized interaction...

6.6CVSS6.9AI score0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/02 10:28 a.m.32 views

CVE-2023-6951

A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI drones could allow a remote attacker to derive the WPA2 PSK key and authenticate without permission to the drone’s Wi- Fi network. This, in turn, allows the attacker to perform unauthorized interaction...

6.6CVSS6.6AI score0.00288EPSS
Exploits0References1
CVE
CVE
added 2024/04/02 10:28 a.m.83 views

CVE-2023-6951

CVE-2023-6951 concerns a Use of Weak Credentials affecting DJI drone Wi‑Fi networks (Mavic 3 Pro <= v01.01.0300, Mavic 3 <= v01.00.1200, Mavic 3 Classic <= v01.00.0500, Mavic 3 Enterprise <= v07.01.10.03, Matrice 300 <= v57.00.01.00, Matrice M30 <= v07.01.0022, Mini 3 Pro

6.6CVSS6.8AI score0.00288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/02 10:27 a.m.7 views

CVE-2023-6950

An Improper Input Validation vulnerability affecting the FTP service running on the DJI Mavic Mini 3 Pro could allow an attacker to craft a malicious packet containing a malformed path provided to the FTP SIZE command that leads to a denial-of-service attack of the FTP service itself...

3CVSS7.2AI score0.00211EPSS
Exploits0References1
Rows per page
Query Builder