2 matches found
BIT-NATS-2026-33216 NATS has MQTT plaintext password disclosure
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, for MQTT deployments using usercodes/passwords: MQTT passwords are incorrectly classified as a non-authenticating identity statement JWT and exposed via monitoring...
CG-WLNCM4G may behave as an open resolver
Overview CG-WLNCM4G provided by Corega Inc is a network camera. CG-WLNCM4G contains an issue where it may behave as an open resolver. SASABE Tetsuro of The University of Tokyo reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...