CVE-2023-6949 | DJI Mini 3 Pro prior 01.00.1200 HTTP Service missing authentication

Inserito da Angelo Barbosa | Apr 2, 2024 | CVE

A vulnerability has been found in DJI Mini 3 Pro and classified as critical. This vulnerability affects unknown code of the component HTTP Service. The manipulation leads to missing authentication.

This vulnerability was named CVE-2023-6949. The attack needs to be done within the local network. There is no exploit available.

The real existence of this vulnerability is still doubted at the moment.

It is recommended to upgrade the affected component.

CVE-2023-6949 | DJI Mini 3 Pro prior 01.00.1200 HTTP Service missing authentication

Post correlati

CVE-2023-48326 | Pixelite Events Manager Plugin up to 6.4.5 on WordPress cross site scripting

VDB-272284 | Google Cloud Platform Resource Manager displayName access control

CVE-2024-5135 | PHPGurukul Directory Management System 1.0 /admin/index.php username sql injection

CVE-2024-24062 | springboot-manager 1.6 /sys/role cross site scripting