Filtered by vendor Parrot
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-33844 | 1 Parrot | 1 Anafi Firmware | 2024-11-21 | N/A | 7.5 HIGH |
The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2, 255), which allows attacker to cut off the connection between a controller and the drone by sending MAVLink MISSION_COUNT command with a wrong MAV_MISSION_TYPE. | |||||
CVE-2022-46416 | 1 Parrot | 2 Bebop, Bebop Firmware | 2024-11-21 | N/A | 9.1 CRITICAL |
Parrot Bebop 4.7.1. allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to send many DHCP request packets. | |||||
CVE-2019-3945 | 1 Parrot | 2 Anafi, Anafi Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Web server running on Parrot ANAFI can be crashed due to the SDK command "Common_CurrentDateTime" being sent to control service with larger than expected date length. | |||||
CVE-2019-3944 | 1 Parrot | 2 Anafi, Anafi Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
Parrot ANAFI is vulnerable to Wi-Fi deauthentication attack, allowing remote and unauthenticated attackers to disconnect drone from controller during mid-flight. |