What the vulnerability does

01Description

MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted MQTT packets to crash the application, making a DoS attack feasible with very little bandwidth.

Key dates

02Disclosure timeline

May 31, 2018 CVE published
September 17, 2024 Record updated