2025-08-10 00:00:00
mitre
PUBLISHED
In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Suppliers position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugins acceptability (for later Dashboard installation) is set by the "emqx ctl plugins allow" CLI command.