CVE-2025-59449

Alias:

Overview

The YoSmart YoLink MQTT broker through 2025-10-02 does not enforce sufficient authorization controls to prevent cross-account attacks, allowing an attacker to remotely operate affected devices if the attacker obtains the associated device IDs. Because YoLink device IDs are predictable, an attacker c...

Critical

Low

Medium

No items found.

Severity / CVSS Score: (Critical)

CWE:

Discovery date:

Authentication required: NoneYes

Attack Vector: None

CVE-2025-59449

Overview

Affected Components

Kodem Deep Dive

Stop the waste.
Protect your environment with Kodem.

CVE-2025-59449

Overview

Affected Components

Kodem Deep Dive

Stop the waste.Protect your environment with Kodem.

Stop the waste.
Protect your environment with Kodem.