Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-accessible MQTT service exploited by low-privilege connected client via client_id manipulation; no scope change; low and symmetric C/I/A impact consistent with CVSS 4.0 VC:L/VI:L/VA:L.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
A weakness has been identified in Sipeed PicoClaw up to 0.2.9. Affected by this issue is some unknown functionality of the file pkg/channels/mqtt/mqtt.go of the component MQTT Channel Handler. This manipulation of the argument client_id causes incorrect authorization. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. The reported GitHub issue was closed automatically due to inactivity.
AnalysisAI
Incorrect authorization in Sipeed PicoClaw's MQTT Channel Handler (pkg/channels/mqtt/mqtt.go) through version 0.2.9 allows remote low-privileged attackers to bypass access controls by manipulating the client_id argument, enabling unauthorized access to MQTT channels belonging to other clients. A public proof-of-concept exploit exists via the referenced GitHub issue, elevating practical risk beyond the moderate CVSS 4.0 score of 5.3. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to have network connectivity to the Sipeed PicoClaw MQTT broker and the ability to initiate a low-privilege MQTT connection (consistent with PR:L in the CVSS 4.0 vector). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P) places this as a network-exploitable, low-complexity vulnerability requiring only low-privilege access, with a proof-of-concept exploitability modifier, yielding a score of 5.3 (medium). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with low-privilege access to the MQTT broker - such as a legitimately registered IoT device or any client on the same network segment - uses the publicly available proof-of-concept to send an MQTT connection or channel-access request with a spoofed `client_id` belonging to a different, higher-privilege client. The PicoClaw MQTT Channel Handler's flawed authorization logic accepts the manipulated identifier without verifying it against the authenticated session, granting the attacker read and write access to the victim client's MQTT channels and enabling message interception or injection within the IoT messaging fabric. |
| Remediation | No vendor-released patch has been identified at time of analysis - the associated GitHub issue (https://github.com/sipeed/picoclaw/issues/3068) was closed automatically due to inactivity rather than through a code fix, and no patched release is reflected in the CPE data. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Improper access control in Sipeed PicoClaw up to version 0.2.9 allows remote unauthenticated attackers to bypass the IP
Server-side request forgery in Sipeed PicoClaw up to version 0.2.9 allows remote attackers to manipulate the WebFetchToo
Missing authorization in Sipeed PicoClaw up to version 0.2.9 permits remote low-privileged attackers to invoke the rt.Re
Remote command injection in PicoClaw Web Launcher Management Plane (versions up to 0.2.4) allows unauthenticated attacke
Same weakness CWE-863 – Incorrect Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42765
GHSA-8f88-w9gq-227v