CVE-2026-32696

Published: Mar 30, 2026 Last Modified: Mar 30, 2026
ExploitDB:
Other exploit source:
Google Dorks:
LOW 3,1
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: low

Description

AI Translation Available

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In NanoMQ version 0.24.6, after enabling auth.http_auth (HTTP authentication), when a client connects to the broker using MQTT CONNECT without providing username/password, and the configuration params uses the placeholders %u / %P (e.g., username='%u', password='%P'), the HTTP request construction phase enters auth_http.c:set_data(). This results in calling strlen() on a NULL pointer, causing a SIGSEGV crash. This crash can be triggered remotely, resulting in a denial of service. This issue has been patched in version 0.24.7.

476

NULL Pointer Dereference

Stable
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Integrity Confidentiality
Potential Impacts:
Dos: Crash, Exit, Or Restart Execute Unauthorized Code Or Commands Read Memory Modify Memory
Applicable Platforms
Languages: C, C#, C++, Go, Java
Likelihood of Exploit: Medium
View CWE Details
https://github.com/nanomq/nanomq/releases/tag/0.24.7
https://github.com/nanomq/nanomq/releases/tag/0.24.7
https://github.com/nanomq/nanomq/security/advisories/GHSA-7…
https://github.com/nanomq/nanomq/security/advisories/GHSA-77f4-wvq8-mp3p
https://github.com/nanomq/NanoNNG/commit/c20aa27e5290bb480a…
https://github.com/nanomq/NanoNNG/commit/c20aa27e5290bb480a5315099952480d35f37a…
https://github.com/nanomq/NanoNNG/pull/1394
https://github.com/nanomq/NanoNNG/pull/1394