Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/05/29 8:38 a.m.8 views

CVE-2026-49199 Predator Connect W6x: RCE via MQTT

Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device...

10CVSS6.2AI score0.01338EPSS
Exploits0References1
NVD
NVD
added 2026/04/17 8:16 p.m.11 views

CVE-2026-32324

Anviz CX7 Firmware is vulnerable because the application embeds reusable certificate/key material, enabling decryption of MQTT traffic and potential interaction with device messaging channels at scale...

7.7CVSS0.00087EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/06 12:0 a.m.8 views

PT-2025-40945

Name of the Vulnerable Software and Affected Versions YoSmart YoLink ecosystem through 2025-10-02 YoLink Hub 0382 YoLink Mobile Application version 1.40.41 YoLink MQTT Broker Description Components of the YoSmart YoLink ecosystem utilize unencrypted MQTT for internet communication. This allows an...

4.7CVSS6.4AI score0.00169EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.3 views

The vulnerability of the recvSlaveUpgstatus() function in the MQTT service of the TOTOLink T6 microprogramming system allows a attacker to execute arbitrary code.

The vulnerability of the recvSlaveUpgstatus function in the MQTT service of the TOTOLink T6 mesh-system’s micro-programming system is related to the issue of operations going out of the buffer in memory when processing the parameter s. Exploiting this vulnerability allows a malicious actor to...

9CVSS8.2AI score0.00981EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/02/19 12:15 a.m.2 views

CVE-2022-25133

A command injection vulnerability in the function isAssocPriDevice of TOTOLINK Technology router T6 V3Firmware T6V3V4.1.5cu.748B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet...

9.8CVSS7.5AI score0.02937EPSS
Exploits0References2
OSV
OSV
added 2021/09/23 1:15 p.m.3 views

ALPINE-CVE-2021-22945

When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...

9.1CVSS6.9AI score0.06216EPSS
Exploits1References1
OSV
OSV
added 2017/11/07 4:29 p.m.3 views

DEBIAN-CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

9.8CVSS8.5AI score0.31045EPSS
Exploits2References1
Rows per page
Query Builder