CVE-2019-12496

HIGH

Hybrid Group Gobot < 1.13.0 - Improper Certificate Validation in MQTT Subsystem

Title source: llm

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default.

Core 2

Core References

Release Notes x_refsource_misc

Patch x_refsource_misc

CVSS v3 7.5

EPSS 0.0071

EPSS Percentile 48.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE

CWE-295

Status published

Products (2)

hybridgroup/gobot < 1.13.0

hybridgroup/gobot 0 - 1.12.1-0.20190521122906-c1aa4f867846Go

Published May 31, 2019

Tracked Since Feb 18, 2026