CVE-2020-29664
N/A
N/A
Summary
A command injection issue in dji_sys in DJI Mavic 2 Remote Controller before firmware version 01.00.0510 allows for code execution via a malicious firmware upgrade packet.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://hacktheplanet.nu/djihax.pdf
- http://kth.diva-portal.org/smash/get/diva2:1463784/FULLTEXT01.pdf
- https://www.dji.com/mavic-2
- https://gist.github.com/viktoredstrom/2f0463ebe7cd786904f229e11386e817
References
- http://hacktheplanet.nu/djihax.pdf
- http://kth.diva-portal.org/smash/get/diva2:1463784/FULLTEXT01.pdf
- https://www.dji.com/mavic-2
- https://gist.github.com/viktoredstrom/2f0463ebe7cd786904f229e11386e817
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.