CNNVD-202507-1680 Information

CNNVD ID

CNNVD-202507-1680

Related CVE

CVE-2024-47065

• CNNVD Published: 2025-07-11

Description (Chinese)

Meshtastic是Meshtastic开源的一种去中心化无线离网网状网络 LoRa 协议。 Meshtastic 2.5.1之前版本存在安全漏洞，该漏洞源于远程节点的traceroute响应未限制速率，可能导致位置机密性问题。

Description (English)

Meshtastic is a decentralised wireless network LoRA protocol that is an open source of Meshtastic. There was a security loophole in the pre-Meshtastic 2.5.1 version, which originated from the unrestricted speed of the traceroute response at a remote node, which could lead to issues of location confidentiality.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

MessagePack

Published

2025-07-11

Last Modified

2026-02-24

References

https://github.com/meshtastic/firmware/security/advisories/GHSA-4hjx-54gf-2jh7 https://nvd.nist.gov/vuln/detail/CVE-2024-47065 https://access.redhat.com/security/cve/cve-2024-47065

Patch

https://github.com/meshtastic/firmware/releases