High severity7.5NVD Advisory· Published Nov 17, 2022· Updated Jun 17, 2026
CVE-2022-42982
CVE-2022-42982
Description
BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without authentication. The NTRIP sourcetable is typically quite long (tens of kBs) and can be requested with a packet of only 30 bytes. This presents a vector that can be used for UDP amplification attacks. Normally, only authenticated streaming data will be provided over UDP and not the sourcetable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- BKG Professional/NtripCasterdescription
- Range: <=2.0.39
- Range: <=2.0.39
Patches
Vulnerability mechanics
References
2- cve.mahi.be/bkg_ntrip_udp/nvdThird Party Advisory
- igs.bkg.bund.de/ntrip/bkgcasternvdProductVendor Advisory
News mentions
0No linked articles in our index yet.