4 matches found
CVE-2026-22535 FRAIL SECURITY IN MQTT PROTOCOL ALLOWS AN ATTACKER MODIFY CRITICAL PARAMETERS
An attacker with the ability to interact through the network and with access credentials, could, thanks to the unsecured unencrypted MQTT communications protocol, write on the server topics of the board that controls the MQTT communications...
EUVD-2023-58493
Malicious code in bioql PyPI...
CVE-2023-6248
The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary commands, allowing a remote unauthenticated attacker to execute code on any Syrus4 device connected to the cloud service. The MQTT server also leaks the location, video and diagnostic data from each connect...
Hardcoded credentials
The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary commands, allowing a remote unauthenticated attacker to execute code on any Syrus4 device connected to the cloud service. The MQTT server also leaks the location, video and diagnostic data from each connect...