CVE-2024-29862

The Kerlink firewall in ChirpStack chirpstack-mqtt-forwarder before 4.2.1 and chirpstack-gateway-bridge before 4.0.11 wrongly accepts certain TCP packets when a connection is not in the ESTABLISHED state.

CVSS

No CVSS.

References

Link	Resource
https://github.com/chirpstack/chirpstack-gateway-bridge/commit/0c1e80c9fa9f5d093ff62903caedad86ec4640b6	Patch
https://github.com/chirpstack/chirpstack-gateway-bridge/commit/0c1e80c9fa9f5d093ff62903caedad86ec4640b6	Patch
https://github.com/chirpstack/chirpstack-mqtt-forwarder/commit/4fa9e6eaaec8c3ca49ebfbf6317572671f17700f	Patch
https://github.com/chirpstack/chirpstack-mqtt-forwarder/commit/4fa9e6eaaec8c3ca49ebfbf6317572671f17700f	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:chirpstack:gateway_bridge::::::::
	cpe:2.3:a:chirpstack:mqtt_forwarder::::::::

History

17 Jun 2025, 13:51

Type	Values Removed	Values Added
References	~~() https://github.com/chirpstack/chirpstack-gateway-bridge/commit/0c1e80c9fa9f5d093ff62903caedad86ec4640b6 -~~	() https://github.com/chirpstack/chirpstack-gateway-bridge/commit/0c1e80c9fa9f5d093ff62903caedad86ec4640b6 - Patch
References	~~() https://github.com/chirpstack/chirpstack-mqtt-forwarder/commit/4fa9e6eaaec8c3ca49ebfbf6317572671f17700f -~~	() https://github.com/chirpstack/chirpstack-mqtt-forwarder/commit/4fa9e6eaaec8c3ca49ebfbf6317572671f17700f - Patch
CPE		cpe:2.3:a:chirpstack:gateway_bridge:::::::: cpe:2.3:a:chirpstack:mqtt_forwarder::::::::
CWE		NVD-CWE-noinfo
First Time		Chirpstack mqtt Forwarder Chirpstack gateway Bridge Chirpstack

21 Mar 2024, 04:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-03-21 04:15

Updated : 2025-06-17 13:51

NVD link : CVE-2024-29862

Mitre link : CVE-2024-29862

JSON object : View

Products Affected

chirpstack

mqtt_forwarder
gateway_bridge

CWE

NVD-CWE-noinfo

JSON object

Attach tags to CVE-2024-29862

Attach tags to `CVE-2024-29862`