Unrated severityNVD Advisory· Published Mar 21, 2024· Updated Nov 5, 2024

CVE-2024-29862

Description

The Kerlink firewall in ChirpStack chirpstack-mqtt-forwarder before 4.2.1 and chirpstack-gateway-bridge before 4.0.11 wrongly accepts certain TCP packets when a connection is not in the ESTABLISHED state.

Affected products

Kerlink/chirpstack-mqtt-forwarderdescription
ChirpStack/chirpstack-mqtt-forwarderllm-create
Range: <4.2.1
ChirpStack/chirpstack-gateway-bridgellm-create
Range: <4.0.11

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/chirpstack/chirpstack-gateway-bridge/commit/0c1e80c9fa9f5d093ff62903caedad86ec4640b6mitre
github.com/chirpstack/chirpstack-mqtt-forwarder/commit/4fa9e6eaaec8c3ca49ebfbf6317572671f17700fmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000