GHSA-VFXC-R2GX-V2VQ Hybrid Group Gobot Improper Certificate Validation vulnerability

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default. Specific Go Packages Affected github.com/hybridgroup/gobot/platforms/mqtt...

Hybrid Group Gobot Improper Certificate Validation vulnerability

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default. Specific Go Packages Affected github.com/hybridgroup/gobot/platforms/mqtt...

Weak Authentication

hybridgroup/gobot is vulnerable to weak authentication vulnerability. A remote attacker can successfully initiate an exploitation without any form of authentication which affects the functionality of the component mqtt subsystem by skiping verification of root CA certificates by default...

CVE-2019-12496

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default...

Default credentials

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default...

CVE-2019-12496

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default...

Improper Certificate Validation

An issue was discovered in Hybrid Group Gobot. The mqtt subsystem skips verification of root CA certificates by default...