CVE-2022-46416
Summary
| CVE | CVE-2022-46416 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-03-27 21:15:00 UTC |
| Updated | 2023-04-03 17:08:00 UTC |
| Description | Parrot Bebop 4.7.1. allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to send many DHCP request packets. |
Risk And Classification
Problem Types: CWE-770
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Parrot | Bebop | - | All | All | All |
| Operating System | Parrot | Bebop Firmware | 4.7.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| DJI 스파크 with Remote Control Combo 화이트 : 차차브루스 | MISC | smartstore.naver.com | |
| 패럿 비밥 프로 3D 모델링 드론 / 입체 모델링을 위한 일체형 드론 / Parrot Bebop Pro 3D Modeling Drone : 주식회사 한컴어썸텍 | MISC | smartstore.naver.com | |
| Commercial Drone DHCP Exhaustion Vulnerability · Advisory · bosslabdcu/Vulnerability-Reporting · GitHub | MISC | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.