CVE-2016-10523

Summary

MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted MQTT packets to crash the application, making a DoS attack feasible with very little bandwidth.

Affected Software

VendorProductVersion RangeStatus
HackerOnemqtt-packet node module`<3.4.6

Weaknesses

  • CWE-400: Denial of Service (CWE-400)

ADP Enrichment

CVE Program Container

Additional References

References