EUVD-2021-19890

Malware in sbrugna...

CVE-2021-33175

EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, resulting in the application being terminated by the...

EMQ X 路径遍历漏洞

EMQ X is a fully open source, highly scalable and highly available distributed MQTT message broker. Ideal for IoT, M2M and mobile applications, it can handle tens of millions of concurrent clients. A security vulnerability exists in EMQ X v4.3.8. An attacker exploited the vulnerability to perform...

EMQ X User Enumeration Vulnerability

EMQ X is a fully open source, highly scalable and highly available distributed MQTT messaging agent for IoT, M2M and mobile applications. Suitable for IoT, M2M and mobile applications EMQ programs can handle tens of millions of concurrent clients. EMQ X Dashboard version V3.0.0 contains a user...

CVE-2021-46434

EMQ X Dashboard V3.0.0 is affected by username enumeration in the "/api /v3/auth" interface. When a user login, the application returns different results depending on whether the account is correct, that allowed an attacker to determine if a given username was valid...

CVE-2021-46434

EMQ X Dashboard V3.0.0 is affected by username enumeration in the "/api /v3/auth" interface. When a user login, the application returns different results depending on whether the account is correct, that allowed an attacker to determine if a given username was valid...

Code injection

UNSUPPORTED WHEN ASSIGNED EMQ X Dashboard V3.0.0 is affected by username enumeration in the "/api /v3/auth" interface. When a user login, the application returns different results depending on whether the account is correct, that allowed an attacker to determine if a given username was valid...

CVE-2021-46434

EMQ X Dashboard V3.0.0 is affected by username enumeration in the "/api /v3/auth" interface. When a user login, the application returns different results depending on whether the account is correct, that allowed an attacker to determine if a given username was valid...

CVE-2021-46434

EMQ X Dashboard 3.0.0 is affected by a username enumeration vulnerability in the /api/v3/auth interface. The login response differs depending on whether the username exists, allowing an attacker to determine if a given username is valid. Public references across CNVD/OSV/NVD/CVE records confirm t...

PT-2022-12705 · Emq · Emq X Dashboard

Name of the Vulnerable Software and Affected Versions: EMQ X Dashboard version 3.0.0 Description: The issue concerns username enumeration in the "/api/v3/auth" interface. When a user logs in, the application returns different results depending on whether the account is correct, allowing an attack...

CVE-2021-33175

EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, resulting in the application being terminated by the...

CVE-2021-33175

EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, resulting in the application being terminated by the...

CVE-2021-33175

Summary: CVE-2021-33175 affects EMQ X Broker versions prior to 4.2.8. The vulnerability allows a denial-of-service via excessive memory consumption when processing untrusted inputs, leading to memory exhaustion and potential OS termination. The issue is triggered by handling inputs that drive mem...

CVE-2021-33175

EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, resulting in the application being terminated by the...

EMQ X Broker 安全漏洞

EMQ X Broker is a distributed message broker. A security vulnerability exists in EMQ X Broker prior to 4.2.8, which is caused by excessive memory consumption due to processing untrustworthy input...