CVE-2025-52136 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the inte…
Low CVSS: 3.0

CVE-2025-52136

In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptability (for later Dashboard installation) is set by the "emqx ctl plugins allow" CLI command.
Vendor
-
Product
-
CWE
CWE-754
Yayın Tarihi
2025-08-10 04:15:33
Güncelleme
2025-08-12 15:15:30
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-754 LOW 2025

Referanslar

https://docs.emqx.com/en/emqx/latest/dashboard/introduction.html https://docs.emqx.com/en/emqx/latest/deploy/install-docker.html https://github.com/ricardojoserf/emqx-RCE https://github.com/ricardojoserf/emqx-RCE