CNNVD-202510-2728 Information

CNNVD ID

CNNVD-202510-2728

Related CVE

CVE-2025-11757

• CNNVD Published: 2025-10-21

Description (Chinese)

CloudEdge App是CloudEdge公司的一款为监控摄像头设计的移动应用程序。 CloudEdge App存在安全漏洞，该漏洞源于未清理MQTT主题输入，可能导致攻击者利用MQTT通配符接收所有消息，从而获取连接到摄像头的凭据和密钥信息。

Description (English)

CloudEdge App is a mobile application designed by CloudEdge to monitor cameras. CloudEdge App has a security loophole that originates from uncleaned MQTT subject input, which may lead to the attackers receiving all messages using the MQTT designer, thus obtaining supporting and key information connected to the camera.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

CloudEdge

Published

2025-10-21

Last Modified

2026-02-24

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-294-05 https://access.redhat.com/security/cve/cve-2025-11757