2 matches found
CVE-2019-12496
An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default...
CVE-2019-12496
Hybrid Group Gobot (github.com/hybridgroup/gobot) has a vulnerability CVE-2019-12496 in versions before 1.13.0 where the mqtt subsystem skips verification of root CA certificates by default. This permits a man-in-the-middle attacker to read or forge messages between the MQTT client and server. Af...