CVE-2022-46415
Summary
| CVE | CVE-2022-46415 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-03-27 21:15:00 UTC |
| Updated | 2023-04-03 17:04:00 UTC |
| Description | DJI Spark 01.00.0900 allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to send many DHCP request packets. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Dji | Spark | - | All | All | All |
| Operating System | Dji | Spark Firmware | 01.00.0900 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| DJI 스파크 with Remote Control Combo 화이트 : 차차브루스 | MISC | smartstore.naver.com | |
| Commercial Drone DHCP Exhaustion Vulnerability · Advisory · bosslabdcu/Vulnerability-Reporting · GitHub | MISC | github.com | |
| 패럿 비밥 프로 3D 모델링 드론 / 입체 모델링을 위한 일체형 드론 / Parrot Bebop Pro 3D Modeling Drone : 주식회사 한컴어썸텍 | MISC | smartstore.naver.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.