Published: 07/04/2021 Updated: 13/04/2021

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

In Eclipse Mosquitto version 2.0.0 to 2.0.9, if an authenticated client that had connected with MQTT v5 sent a crafted CONNACK message to the broker, a NULL pointer dereference would occur.

Vulnerable Product	Search on Vulmon	Subscribe to Product

Debian Bug report logs - #986701 mosquitto: CVE-2021-28166 Package: src:mosquitto; Maintainer for src:mosquitto is Roger A Light <roger@atchooorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 9 Apr 2021 19:27:01 UTC Severity: grave Tags: security, upstream Found in version mosquitto/209-1 ...

In Eclipse Mosquitto version 200 to 209, if an authenticated client that had connected with MQTT v5 sent a crafted CONNACK message to the broker, a NULL pointer dereference would occur ...

A fuzzing framework targeted at MQTT brokers. Modeled as a finite state machine (using Markov Modeling).

FUME: Fuzzing MQTT Brokers Table of Contents Introduction Get Started Configuring your Fuzzing Session Crash Triage Bugs Discovered with FUME Introduction FUME is a fuzzing engine targeted directly at MQTT brokers It uses both generation-guided and mutation-guided fuzzing techniques to craft fuzzy MQTT payloads to send to your target It also leverages a response feedback m

CWE-476 https://bugs.eclipse.org/bugs/show_bug.cgi?id=572608 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986701 https://nvd.nist.gov https://github.com/PBearson/FUME-Fuzzing-MQTT-Brokers

CVE-2021-28166

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect