← Back

Dji

dji

5 CVEs • 29 products

Products (29)

Click to collapse
Toggle
Mini Se Firmware
mini_se_firmware
2 CVEs
Spark Firmware
spark_firmware
2 CVEs
Newsbin Pro
newsbin_pro
1 CVE
Mavic 2 Firmware
mavic_2_firmware
1 CVE
Mavic 3 Firmware
mavic_3_firmware
1 CVE
Rc Pro Firmware
rc_pro_firmware
1 CVE
Air 2s Firmware
air_2s_firmware
1 CVE
Air 2 Firmware
air_2_firmware
1 CVE
Mini 2 Firmware
mini_2_firmware
1 CVE
Fpv Firmware
fpv_firmware
1 CVE
Fhantom 4 Pro Firmware
fhantom_4_pro_firmware
1 CVE
Inspire 2 Firmware
inspire_2_firmware
1 CVE
Zenmuse X7 Firmware
zenmuse_x7_firmware
1 CVE
Zenmuse X5s Firmware
zenmuse_x5s_firmware
1 CVE
Mavic Mini Firmware
mavic_mini_firmware
1 CVE
Mavic 2
mavic_2
0 CVEs
Mavic 3
mavic_3
0 CVEs
Rc Pro
rc_pro
0 CVEs
Air 2s
air_2s
0 CVEs
Air 2
air_2
0 CVEs
Mini 2
mini_2
0 CVEs
Mini Se
mini_se
0 CVEs
Fpv
fpv
0 CVEs
Fhantom 4 Pro
fhantom_4_pro
0 CVEs
Inspire 2
inspire_2
0 CVEs
Zenmuse X7
zenmuse_x7
0 CVEs
Zenmuse X5s
zenmuse_x5s
0 CVEs
Spark
spark
0 CVEs
Mavic Mini
mavic_mini
0 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2026-26673
1Dji
3Mavic Mini Firmware
Mini Se FirmwareSpark Firmware
Mar 5, 2026
Mar 4, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
An issue in DJI Mavic Mini, Spark, Mavic Air, Mini, Mini SE 0.1.00.0500 and below allows a remote attacker to cause a denial of service via the DJI Enhanced-WiFi transmission subsystem
CVE-2022-46415
1Dji
1Spark Firmware
Feb 19, 2025
Mar 27, 2023
N/A· v4
5.9 MEDIUM· v3
N/A· v2
DJI Spark 01.00.0900 allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi...Show more
DJI Spark 01.00.0900 allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to send many DHCP request packets.Show less
CVE-2022-29945
1Dji
11Air 2 Firmware
Air 2s FirmwareFhantom 4 Pro Firmware+8 more
Nov 21, 2024
Apr 29, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone operator's physical location via the AeroScope protocol.
CVE-2020-29664
1Dji
1Mavic 2 Firmware
Nov 21, 2024
Feb 18, 2021
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
A command injection issue in dji_sys in DJI Mavic 2 Remote Controller before firmware version 01.00.0510 allows for code execution via a malicious firmware upgrade packet.
CVE-2007-1074
1Dji
1Newsbin Pro
Apr 23, 2026
Feb 22, 2007
N/A· v4
N/A· v3
9.3 HIGH· v2
Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x allow user-assisted remote attackers to execute arbitrary code via a long (1) DataPath or (2) DownloadPath attributed in a (a) NBI file, or (3) a long gro...Show more
Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x allow user-assisted remote attackers to execute arbitrary code via a long (1) DataPath or (2) DownloadPath attributed in a (a) NBI file, or (3) a long group field in a (b) NZB file.Show less