Filtered by vendor Bevywise
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-35612 | 1 Bevywise | 1 Mqttroute | 2024-11-21 | N/A | 5.4 MEDIUM |
A cross-site scripting (XSS) vulnerability in MQTTRoute v3.3 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the dashboard name text field. | |||||
CVE-2022-35611 | 1 Bevywise | 1 Mqttroute | 2024-11-21 | N/A | 4.3 MEDIUM |
A Cross-Site Request Forgery (CSRF) in MQTTRoute v3.3 and below allows attackers to create and remove dashboards. | |||||
CVE-2019-6241 | 1 Bevywise | 1 Mqttroute | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
In Bevywise MQTTRoute 1.1 build 1018-002, a connect packet combined with a malformed unsubscribe request packet can be used to cause a Denial of Service attack against the broker. |