CVE-2025-32885

Medium CVSS: 6.5

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inject any custom message (into existing v1 networks) with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted environment or if the cryptography has already been compromised.

Vendor

Gotenna

Product

Mesh Firmware

CWE

CWE-1390

Yayın Tarihi

2025-05-01 18:15:55

Güncelleme

2025-06-20 16:48:21

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-1390 Mesh Firmware MEDIUM Gotenna 2025

Referanslar

https://github.com/Dollarhyde/goTenna_v1_and_Mesh_vulnerabilities https://gotenna.com

Benzer Kayıtlar

High

CVE-2025-32889

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The verification token used for sendin…

Medium

CVE-2025-32890

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of e…

High

CVE-2025-32888

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The verification token used for send…

Medium

CVE-2025-32882

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app uses a custom implementation o…

Medium

CVE-2025-32884

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. By default, a GID is the user's phon…

Medium

CVE-2025-32886

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent…