CVE-2025-11757

Vulnerability Description

The CloudEdge Cloud does not sanitize the MQTT topic input, which could allow an attacker to leverage the MQTT wildcard to receive all the messages that should be delivered to other users by subscribing to the a MQTT topic. In these messages, the attacker can obtain the credentials and key information to connect to the cameras from peer to peer.

Related Weaknesses (CWE)

CWE-155

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-294-05

FAQ

What is CVE-2025-11757?

CVE-2025-11757 is a documented vulnerability. The CloudEdge Cloud does not sanitize the MQTT topic input, which could allow an attacker to leverage the MQTT wildcard to receive all the messages that should be delivered to other users by subscribi...

How severe is CVE-2025-11757?

CVSS scoring is not yet available for CVE-2025-11757. Check NVD for updates.

Is there a patch for CVE-2025-11757?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.