Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Neutralization of Wildcards or Matching Symbols in CloudEdge Online Cameras and App
Vulnerability Description
The CloudEdge Cloud does not sanitize the MQTT topic input, which could allow an attacker to leverage the MQTT wildcard to receive all the messages that should be delivered to other users by subscribing to the a MQTT topic. In these messages, the attacker can obtain the credentials and key information to connect to the cameras from peer to peer.
CVSS Information
N/A
Vulnerability Type
双字符或匹配符号转义处理不恰当
Vulnerability Title
CloudEdge App 安全漏洞
Vulnerability Description
CloudEdge App是CloudEdge公司的一款为监控摄像头设计的移动应用程序。 CloudEdge App存在安全漏洞,该漏洞源于未清理MQTT主题输入,可能导致攻击者利用MQTT通配符接收所有消息,从而获取连接到摄像头的凭据和密钥信息。
CVSS Information
N/A
Vulnerability Type
N/A