{"api_version":"1","generated_at":"2026-06-15T04:14:46+00:00","cve":"CVE-2022-46416","urls":{"html":"https://cve.report/CVE-2022-46416","api":"https://cve.report/api/cve/CVE-2022-46416.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-46416","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-46416"},"summary":{"title":"CVE-2022-46416","description":"Parrot Bebop 4.7.1. allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to send many DHCP request packets.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2023-03-27 21:15:00","updated_at":"2023-04-03 17:08:00"},"problem_types":["CWE-770"],"metrics":[],"references":[{"url":"https://smartstore.naver.com/chachablues/products/6617613337","name":"https://smartstore.naver.com/chachablues/products/6617613337","refsource":"MISC","tags":[],"title":"DJI 스파크 with Remote Control Combo 화이트 : 차차브루스","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://smartstore.naver.com/hancomawesome-tech/products/5367473135","name":"https://smartstore.naver.com/hancomawesome-tech/products/5367473135","refsource":"MISC","tags":[],"title":"패럿 비밥 프로 3D 모델링 드론 / 입체 모델링을 위한 일체형 드론 / Parrot Bebop Pro 3D Modeling Drone : 주식회사 한컴어썸텍","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/bosslabdcu/Vulnerability-Reporting/security/advisories/GHSA-4xx4-r27p-wcrv","name":"https://github.com/bosslabdcu/Vulnerability-Reporting/security/advisories/GHSA-4xx4-r27p-wcrv","refsource":"MISC","tags":[],"title":"Commercial Drone DHCP Exhaustion Vulnerability · Advisory · bosslabdcu/Vulnerability-Reporting · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-46416","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-46416","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"46416","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"parrot","cpe5":"bebop","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"46416","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"parrot","cpe5":"bebop_firmware","cpe6":"4.7.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2022-46416","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Parrot Bebop 4.7.1. allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to send many DHCP request packets."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://smartstore.naver.com/chachablues/products/6617613337","url":"https://smartstore.naver.com/chachablues/products/6617613337"},{"refsource":"MISC","name":"https://smartstore.naver.com/hancomawesome-tech/products/5367473135","url":"https://smartstore.naver.com/hancomawesome-tech/products/5367473135"},{"refsource":"MISC","name":"https://github.com/bosslabdcu/Vulnerability-Reporting/security/advisories/GHSA-4xx4-r27p-wcrv","url":"https://github.com/bosslabdcu/Vulnerability-Reporting/security/advisories/GHSA-4xx4-r27p-wcrv"}]},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AC:L/AV:N/A:H/C:L/I:L/PR:L/S:C/UI:N","version":"3.1"}}},"nvd":{"publishedDate":"2023-03-27 21:15:00","lastModifiedDate":"2023-04-03 17:08:00","problem_types":["CWE-770"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":5.9,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.2,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:parrot:bebop_firmware:4.7.1:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:parrot:bebop:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":null,"notes":[]}}}