{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T00:29:10.658","vulnerabilities":[{"cve":{"id":"CVE-2024-45038","sourceIdentifier":"security-advisories@github.com","published":"2024-08-27T21:15:07.380","lastModified":"2025-10-21T14:06:33.750","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Meshtastic device firmware is a firmware for meshtastic devices to run an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic device firmware is subject to a denial of serivce vulnerability in MQTT handling, fixed in version 2.4.1 of the Meshtastic firmware and on the Meshtastic public MQTT Broker. It's strongly suggested that all users of Meshtastic, particularly those that connect to a privately hosted MQTT server, update to this or a more recent stable version right away. There are no known workarounds for this vulnerability."},{"lang":"es","value":"El firmware del dispositivo Meshtastic es un firmware para que los dispositivos meshtastic ejecuten una red de malla de código abierto, fuera de la red, descentralizada y diseñada para funcionar en dispositivos asequibles y de bajo consumo. El firmware del dispositivo Meshtastic está sujeto a una vulnerabilidad de denegación de servicio en el manejo de MQTT, corregida en la versión 2.4.1 del firmware Meshtastic y en el Broker MQTT público Meshtastic. Se recomienda encarecidamente que todos los usuarios de Meshtastic, especialmente aquellos que se conectan a un servidor MQTT alojado de forma privada, actualicen a esta o a una versión estable más reciente de inmediato. No se conocen workarounds para esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-755"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:meshtastic:meshtastic_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.4.1","matchCriteriaId":"1EF8629E-08D8-41A8-AD07-B9710BEE3171"}]}]}],"references":[{"url":"https://github.com/meshtastic/firmware/security/advisories/GHSA-3x3r-vw9f-pxq5","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}