Gotenna Security Vulnerabilities (CVEs)
Track 16 security vulnerabilities affecting Gotenna products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability allows attackers to send SMS messages through goTenna servers without authorization by using a hardcoded verification token in the ...
May 1, 2025goTenna Mesh devices with vulnerable app/firmware versions transmit user phone numbers unencrypted in messages by default. This allows attackers inter...
May 1, 2025This vulnerability allows local attackers to intercept sensitive data transmitted by goTenna v1 devices. When packets are sent over RF, they are also ...
May 1, 2025This vulnerability in goTenna v1 devices allows attackers to intercept command channels containing next-hop information, which can be used to break fr...
May 1, 2025This vulnerability exposes users' phone numbers in goTenna v1 devices by transmitting them unencrypted as Group IDs (GIDs) in messages. Anyone using g...
May 1, 2025The goTenna Pro App vulnerability allows unauthenticated attackers to remotely replace the public keys used for peer-to-peer and group message encrypt...
Sep 26, 2024The goTenna Pro App uses AES-CTR encryption without integrity checking, allowing attackers who can access encrypted messages to modify their content w...
Sep 26, 2024The goTenna Pro App fails to authenticate public keys, allowing unauthenticated attackers to intercept and manipulate messages. This affects all users...
Sep 26, 2024This vulnerability in the goTenna Pro App allows attackers to inject forged messages with arbitrary group IDs and callsigns into goTenna mesh networks...
Sep 26, 2024The goTenna Pro App fails to pad broadcasted frames with extra characters, allowing attackers to determine the length of encrypted messages. This info...
Sep 26, 2024The goTenna Pro ATAK Plugin fails to encrypt callsigns in messages, potentially exposing sensitive information to unauthorized observers. This affects...
Sep 26, 2024The goTenna Pro App uses weak passwords for sharing encryption keys via RF broadcast, allowing attackers who capture the broadcast to potentially brut...
Sep 26, 2024The goTenna Pro ATAK Plugin's default settings broadcast user location data every 60 seconds without encryption when the plugin is active. This vulner...
Sep 26, 2024The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via RF broadcast, allowing attackers who capture the broadcast to potenti...
Sep 26, 2024The goTenna Pro ATAK Plugin vulnerability allows attackers to inject forged messages with arbitrary group IDs and callsigns into goTenna mesh networks...
Sep 26, 2024CVE-2024-43108 is a cryptographic vulnerability in the goTenna Pro ATAK Plugin where encrypted messages lack integrity checking, allowing attackers to...
Sep 26, 2024Why Monitor Gotenna Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 16+ known vulnerabilities affecting Gotenna products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Gotenna packages in under 60 seconds. No agents required - completely agentless scanning that works across Gotenna deployments.
Free vulnerability database: Access detailed information about every Gotenna CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Gotenna CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
