Security Advisory

CVE-2025-52136

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-10 00:00:00

Last updated 2025-08-12 14:27:35

Assigner mitre

State PUBLISHED

Description

In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Suppliers position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugins acceptability (for later Dashboard installation) is set by the "emqx ctl plugins allow" CLI command.

← Browse all CVEs View on cve.org ↗