CVE-2022-46416

Published: Mar 27, 2023Modified: Nov 21, 2024

5.9

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

Parrot Bebop 4.7.1. allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to send many DHCP request packets.

Affected (1)

Products: Parrot: Bebop Firmware

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Parrot Bebop Firmware	Version 4.7.1

Running on/with	Platform Versions
Parrot Bebop	All versions

Related CWEs

Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

References (6)

https://github.com/bosslabdcu/Vulnerability-Reporting/security/advisories/GHSA-4xx4-r27p-wcrv

Source: cve@mitre.org

Third Party Advisory

https://smartstore.naver.com/chachablues/products/6617613337

Source: cve@mitre.org

Product

https://smartstore.naver.com/hancomawesome-tech/products/5367473135

Source: cve@mitre.org

Product

https://github.com/bosslabdcu/Vulnerability-Reporting/security/advisories/GHSA-4xx4-r27p-wcrv

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://smartstore.naver.com/chachablues/products/6617613337

Source: af854a3a-2127-422b-91ae-364da2661108

Product

https://smartstore.naver.com/hancomawesome-tech/products/5367473135

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.