Meshtastic device firmware is a firmware for meshtastic devices to run an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic device firmware is subject to a denial of serivce vulnerability in MQTT handling, fixed in version 2.4.1 of the Meshtastic firmware and on the Meshtastic public MQTT Broker. It's strongly suggested that all users of Meshtastic, particularly those that connect to a privately hosted MQTT server, update to this or a more recent stable version right away. There are no known workarounds for this vulnerability.
                
            Metrics
Affected Vendors & Products
References
        History
                    Tue, 21 Oct 2025 14:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Meshtastic meshtastic Firmware | |
| CPEs | cpe:2.3:o:meshtastic:meshtastic_firmware:*:*:*:*:*:*:*:* | |
| Vendors & Products | Meshtastic meshtastic Firmware | 
Wed, 28 Aug 2024 14:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Meshtastic Meshtastic firmware | |
| CPEs | cpe:2.3:a:meshtastic:firmware:*:*:*:*:*:*:*:* | |
| Vendors & Products | Meshtastic Meshtastic firmware | |
| Metrics | ssvc 
 | 
Tue, 27 Aug 2024 20:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | Meshtastic device firmware is a firmware for meshtastic devices to run an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic device firmware is subject to a denial of serivce vulnerability in MQTT handling, fixed in version 2.4.1 of the Meshtastic firmware and on the Meshtastic public MQTT Broker. It's strongly suggested that all users of Meshtastic, particularly those that connect to a privately hosted MQTT server, update to this or a more recent stable version right away. There are no known workarounds for this vulnerability. | |
| Title | Device crash via malformed MQTT packet when downlink is enabled in Meshtastic device firmware | |
| Weaknesses | CWE-755 | |
| References |  | |
| Metrics | cvssV3_1 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-08-27T20:36:34.548Z
Updated: 2024-08-28T14:00:41.737Z
Reserved: 2024-08-21T17:53:51.330Z
Link: CVE-2024-45038
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-08-28T14:00:35.301Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2024-08-27T21:15:07.380
Modified: 2025-10-21T14:06:33.750
Link: CVE-2024-45038
 Redhat
                        Redhat
                    No data.