CVE-2024-21875

Description

Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial of service attack.Team Hacker Hotel Badge 2024 on risc-v (billboard modules) allows Flooding.This issue affects Hacker Hotel Badge 2024: from 0.1.0 through 0.1.3.

CVSS breakdown

CVSS 3.1

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected products

Badge.team / Hacker Hotel Badge 20240.1.0 – 0.1.3

References

MISChttps://csirt.divd.nl/CVE-2024-21875
PATCHhttps://github.com/badgeteam/hackerhotel-2024-firmware-esp32c6/pull/64