2 matches found
EUVD-2025-32582
The YoSmart YoLink API through 2025-10-02 uses an endpoint URL that is derived from a device's MAC address along with an MD5 hash of non-secret information, such as a key that begins with cf50...
CVE-2025-59452
The CVE-2025-59452 entry maps to YoSmart YoLink ecosystem vulnerabilities noted by multiple sources. The YoSmart YoLink MQTT broker (through 2025-10-02) does not enforce sufficient authorization, enabling a cross‑account attack where an attacker with device IDs could remotely operate other users’...