This Metasploit module exploits an MQTT credential disclosure vulnerability in Servisnet Tessa The appjs is publicly available which acts as the backend of the application By exposing a default value for the "Authorization" HTTP header, it is possible to make unauthenticated requests to some areas of the application Even MQTT (Message Queuing T ...