CVE-2025-32890

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

CVE-2025-32888

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The verification token used for sending SMS through a goTenna server is hardcoded in the app...

PT-2025-18690 · Gotenna · Gotenna Mesh

Name of the Vulnerable Software and Affected Versions: goTenna Mesh versions 5.5.3 and firmware 1.1.12 Description: The issue concerns a custom encryption implementation without additional integrity checking mechanisms, making messages susceptible to tampering by an attacker with access to the...

CVE-2018-18852

Cerio DT-300N 1.1.6 through 1.1.12 devices allow OS command injection because of improper input validation of the web-interface PING feature's use of Save.cgi to execute a ping command, as exploited in the wild in October 2018...

Code injection

Clipcomm CPW-100E VoIP 802.11b Wireless Handset Phone running firmware 1.1.12 051129 and CP-100E VoIP 802.11b Wireless Phone running firmware 1.1.60 allows remote attackers to gain unauthorized access via the debug service on TCP port 60023...