Eclipse · Mqtt · CVE-2016-10523
**Name of the Vulnerable Software and Affected Versions**
MQTT versions prior to 3.4.6
MQTT versions 4.0.x prior to 4.0.5
**Description**
The issue allows specifically crafted MQTT packets to crash the application, making a denial of service attack feasible with very little bandwidth. This is achieved through specific sequences of MQTT packets.
**Recommendations**
Update to version 3.4.6 or later for version 3.x.
Update to version 4.0.5 or later for version 4.x.