Vulnerabilities (CVE)

Filtered by vendor Bevywise Subscribe
Filtered by product Mqttroute
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-35612 1 Bevywise 1 Mqttroute 2024-11-21 N/A 5.4 MEDIUM
A cross-site scripting (XSS) vulnerability in MQTTRoute v3.3 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the dashboard name text field.
CVE-2022-35611 1 Bevywise 1 Mqttroute 2024-11-21 N/A 4.3 MEDIUM
A Cross-Site Request Forgery (CSRF) in MQTTRoute v3.3 and below allows attackers to create and remove dashboards.
CVE-2019-6241 1 Bevywise 1 Mqttroute 2024-11-21 5.0 MEDIUM 7.5 HIGH
In Bevywise MQTTRoute 1.1 build 1018-002, a connect packet combined with a malformed unsubscribe request packet can be used to cause a Denial of Service attack against the broker.