CNNVD-202510-761 Information

CNNVD ID

CNNVD-202510-761

Related CVE

CVE-2025-59449

• CNNVD Published: 2025-10-06

Description (Chinese)

YoSmart YoLink MQTT broker是美国YoSmart公司的一个消息代理服务器。 YoSmart YoLink MQTT broker 2025-10-02及之前版本存在安全漏洞，该漏洞源于授权控制不足，可能导致跨账户攻击。

Description (English)

YoSmart YoLink MQTT broker is an information proxy for YoSmart in the United States. YoSmart YoLink MQTTbroker 2025-10-02 and earlier versions had a security loophole, which stemmed from inadequate authorized controls and could lead to cross-account attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

YoSmart

Published

2025-10-06

Last Modified

2026-02-24

References

https://bishopfox.com/blog/how-a-20-smart-device-gave-me-access-to-your-home https://shop.yosmart.com/pages/product-support https://bishopfox.com/blog/advisories https://access.redhat.com/security/cve/cve-2025-59449