Vulnerabilities

CVE-2025-52136

by Fred · 10/08/2025

In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier’s position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin’s acceptability (for later Dashboard installation) is set by the “emqx ctl plugins allow” CLI command.

Assigner : cve@mitre.org

More information : https://docs.emqx.com/en/emqx/latest/dashboard/introduction.html

Similar

Tags: Cybersecurity Alert