hybridgroup/gobot is vulnerable to weak authentication vulnerability. A remote attacker can successfully initiate an exploitation without any form of authentication which affects the functionality of the component mqtt subsystem by skiping verification of root CA certificates by default.