4 matches found
EUVD-2019-8931
Malware in sbrugna...
CVE-2023-24151
A command injection vulnerability in the ip parameter in the function recvSlaveCloudCheckStatus of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet...
CVE-2022-32449
TOTOLINK EX300V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. This vulnerability is exploitable via a crafted MQTT data packet...
CVE-2019-19307
CVE-2019-19307 affects Cesanta Mongoose 6.16. The vulnerability is an integer overflow in the parse_mqtt function in mongoose.c that can be triggered by a crafted MQTT protocol packet, leading to remote denial of service (infinite loop) and possibly an out-of-bounds write. Reports from multiple s...