Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Connected IO v2.1.0 and prior has a misconfiguration in their MQTT broker used for management and device communication, which allows devices to connect to the broker and issue commands to other device, impersonating Connected IO management platform and sending commands to all of Connected IO's devices.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Connected IO 安全漏洞
Vulnerability Description
Connected IO是美国Connected IO公司的一款领先的硬件、软件和基于云的物联网和机器对机器解决方案 Connected IO v2.1.0 版本之前存在安全漏洞,该漏洞源于用于管理和设备通信的 MQTT 代理中存在错误配置,该代理允许设备连接到代理并向其他设备发出命令,模拟 Connected IO 管理平台并向所有 Connected IO 设备发送命令。
CVSS Information
N/A
Vulnerability Type
N/A