CVE-2025-32886

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data...

CVE-2025-32887

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command channel includes the next hop. which can be intercepted and used to break frequency hopping...

CVE-2025-32886

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data...

CVE-2025-32887

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command channel includes the next hop. which can be intercepted and used to break frequency hopping...

CVE-2025-32886

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data...

CVE-2025-32886

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data...

CVE-2025-32886

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data...

CVE-2025-32887

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command channel includes the next hop. which can be intercepted and used to break frequency hopping...

CVE-2025-32887

CVE-2025-32887 (goTenna V1) affects goTenna v1 devices using app 5.5.3 and firmware 0.25.5. The command channel includes the next hop, which can be intercepted and used to break frequency hopping. Impacts: availability is affected (high), integrity/confidentiality issues are noted as low in one m...

PT-2025-18686 · Gotenna · Gotenna

Name of the Vulnerable Software and Affected Versions: goTenna v1 with application 5.5.3 and firmware 0.25.5 Description: A problem was discovered where all packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and...

CVE-2025-32886

The CVE-2025-32886 issue affects goTenna v1 devices (app 5.5.3, firmware 0.25.5). The underlying problem is that packets sent over RF are also transmitted via UART through USB Shell, enabling a user with local access to learn the protocol and intercept sensitive data. The impact is information di...

PT-2025-18687 · Gotenna · Gotenna

Name of the Vulnerable Software and Affected Versions: goTenna v1 with application 5.5.3 and firmware 0.25.5 Description: A problem was detected in goTenna v1 devices, where a command channel includes the next hop, which can be intercepted and used to interrupt frequency hopping. Recommendations:...

CVE-2025-2185

ALBEDO Telecom Net.Time - PTP/NTP clock Serial No. NBC0081P software release 1.4.4 is vulnerable to an insufficient session expiration vulnerability, which could permit an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception...

CVE-2025-3518

It technically possible for a user to upload a file to a conversation despite the file upload functionality being disabled. The file upload functionality can be enabled or disabled for specific use cases through configuration. In case the functionality is disabled for at least one use case, the...

CVE-2025-3519

An authorization bypass in Unblu Spark allows a participant of a conversation to replace an existing, uploaded file. Every uploaded file in Unblu gets assigned with a randomly generated Universally Unique ID UUID. In case a participant of this or another conversation gets access to such a file ID...

Google ChromeOS Memory Misreference Vulnerability

Google ChromeOS is a set of Web-based lightweight open source operating system from Google Google. Google ChromeOS suffers from a memory misreference vulnerability that is caused by a flaw in ComponentInstaller. An attacker could exploit the vulnerability to intercept device management requests b...

Viasat多款产品 安全漏洞

Viasat RM5110 and others are products of Viasat, Inc.Viasat RM5110 is a satellite modem router.Viasat RM5111 is a satellite modem router.Viasat RG1100 is a modem router. A security vulnerability exists in several Viasat products that stems from dynamic DNS traffic interception that could lead to ...

CVE-2025-2185

CVE-2025-2185 affects ALBEDO Telecom Net.Time - PTP/NTP clock, v1.4.4. The root cause is insufficient session expiration, enabling an attacker to transmit passwords over unencrypted connections and potentially intercept credentials. Remediation: update to a newer version of Net.Time (per PT-2025-...

CVE-2025-2185 ALBEDO Telecom Net.Time - PTP/NTP Clock Insufficient Session Expiration

ALBEDO Telecom Net.Time - PTP/NTP clock Serial No. NBC0081P software release 1.4.4 is vulnerable to an insufficient session expiration vulnerability, which could permit an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception...

CVE-2025-2185 ALBEDO Telecom Net.Time - PTP/NTP Clock Insufficient Session Expiration

ALBEDO Telecom Net.Time - PTP/NTP clock Serial No. NBC0081P software release 1.4.4 is vulnerable to an insufficient session expiration vulnerability, which could permit an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception...