goTenna Mesh Hardcoded Verification Token Vulnerability

Vulnerability

A vulnerability exists in goTenna Mesh devices running app version 5.5.3 and firmware 1.1.12. The issue stems from a hardcoded verification token in the application, which is used to send SMS messages through a goTenna server. This vulnerability could potentially be exploited to intercept or manipulate SMS communications sent via the goTenna network.

Impact

Exploitation of this vulnerability could lead to unauthorized interception or manipulation of SMS messages sent through the goTenna server, potentially allowing an attacker to impersonate a user or disrupt communications.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

goTenna Mesh Hardcoded Verification Token Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating