Drone-Lab

3 exploits Active since Feb 2024
CVE-2024-22519 WRITEUP HIGH WRITEUP
OpenDroneID OSM 3.5.1 - Authentication Bypass by Spoofing via Crafted Data Packets
An issue discovered in OpenDroneID OSM 3.5.1 allows attackers to impersonate other drones via transmission of crafted data packets.
CVSS 8.2
CVE-2024-22520 WRITEUP HIGH WRITEUP
Dronetag Drone Scanner <1.5.2 - Privilege Escalation
An issue discovered in Dronetag Drone Scanner 1.5.2 allows attackers to impersonate other drones via transmission of crafted data packets.
CVSS 8.2
CVE-2024-24254 WRITEUP MEDIUM WRITEUP
PX4 Autopilot < 1.14.0 - Race Condition in Geofence Data Loading
PX4 Autopilot 1.14 and earlier, due to the lack of synchronization mechanism for loading geofence data, has a Race Condition vulnerability in the geofence.cpp and mission_feasibility_checker.cpp. This will result in the drone uploading overlapping geofences and mission routes.
CVSS 4.2