DJI Spark 01.00.0900 allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to send many DHCP request packets.
References
Link | Resource |
---|---|
https://github.com/bosslabdcu/Vulnerability-Reporting/security/advisories/GHSA-54q2-3r2m-9pgm | Exploit Third Party Advisory |
https://smartstore.naver.com/chachablues/products/6617613337 | Product |
https://smartstore.naver.com/hancomawesome-tech/products/5367473135 | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-03-27T00:00:00
Updated: 2023-03-27T00:00:00
Reserved: 2022-12-04T00:00:00
Link: CVE-2022-46415
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-03-27T21:15:10.047
Modified: 2023-04-03T17:04:17.763
Link: CVE-2022-46415
JSON object: View
Redhat Information
No data.
CWE