Mesh Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:gotenna:mesh_firmware:0.25.5:*:*:*:*:*:*:*
part: o version: 0.25.5 update: *
| Vendor | Gotenna (04dc2b99-45b6-5512-bd24-ced62841f7d2) |
|---|---|
| Product | Mesh Firmware (8690ce00-af8e-544b-aa17-1cb9c818200b) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-32889 |
vulnerable | 2026-06-08 07:19:00.939990 |
Details available
HIGH (7.3)
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The verification token used for sending SMS through a goTenna server is hardcoded in the app.
Published: 2025-05-01T00:00:00.000Z
Updated: 2025-05-01T18:52:25.319Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-32887 |
vulnerable | 2026-06-08 07:19:00.939286 |
Details available
HIGH (7.1)
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command channel includes the next hop. which can be intercepted and used to break frequency hopping.
Published: 2025-05-01T00:00:00.000Z
Updated: 2025-05-01T19:19:41.743Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-32886 |
vulnerable | 2026-06-08 07:19:00.938902 |
Details available
MEDIUM (4)
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data.
Published: 2025-05-01T00:00:00.000Z
Updated: 2025-05-01T19:26:19.888Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-32885 |
vulnerable | 2026-06-08 07:19:00.938480 |
Details available
MEDIUM (6.5)
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inject any custom message (into existing v1 networks) with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted environment or if the cryptography has already been compromised.
Published: 2025-05-01T00:00:00.000Z
Updated: 2025-05-01T19:28:49.157Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-32882 |
vulnerable | 2026-06-08 07:19:00.935403 |
Details available
MEDIUM (5.3)
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message.
Published: 2025-05-01T00:00:00.000Z
Updated: 2025-05-01T19:49:08.079Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-32881 |
vulnerable | 2026-06-08 07:19:00.933513 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.