How severe is CVE-2024-42483?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2024-42483?

This is classified as CWE-349, which is a common weakness in software security.

CVE-2024-42483 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated by message types, it is a single, shared resource for all kinds of messages, whether they are broadcast or unicast, and regardless of whether they are ciphertext or plaintext. This can result an attacker to clear the cache of its legitimate entries, there by creating an opportunity to re-inject previously captured packets. This vulnerability is fixed in 2.5.2.

Related Vulnerabilities

CVE-2020-10751

MEDIUM

CVSS:6.1(Medium)

A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrect...

CWE-3492020

CVE-2024-53848

HIGH

CVSS:7.1(High)

check-jsonschema is a CLI and set of pre-commit hooks for jsonschema validation. The default cache strategy uses the basename of a remote schema as the name of the file in the cache, e.g. `https://exa...

CWE-3492024

CVE-2023-44317

HIGH

CVSS:7.2(High)

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M80...

CWE-3492023

CVE-2024-41924

HIGH

CVSS:7.2(High)

Acceptance of extraneous untrusted data with trusted data vulnerability exists in EC-CUBE 4 series. If this vulnerability is exploited, an attacker who obtained the administrative privilege may instal...

CWE-3492024

CVE-2023-3749

MEDIUM

CVSS:5.5(Medium)

A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation.

CWE-3492023

CVE-2025-27415

HIGH

CVSS:7.5(High)

Nuxt is an open-source web development framework for Vue.js. Prior to 3.16.0, by sending a crafted HTTP request to a server behind an CDN, it is possible in some circumstances to poison the CDN cache ...

CWE-3492025