EMQX Dashboard Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability exists in EMQX versions prior to 5.8.6. In these versions, any Dashboard administrator can install arbitrary plugins through the Dashboard web interface, and an uploaded plugin can execute code on the node. While the supplier considers this behavior intentional, version 5.8.6 introduces a command that lets administrators control which plugins may be installed via the Dashboard.

Impact

Exploitation of this vulnerability allows for remote code execution on the server where EMQX is running.

Reproduction

To reproduce this vulnerability, log into the EMQX Dashboard on a version prior to 5.8.6. Navigate to the 'Plugin' section and upload a malicious plugin crafted to execute commands. Once the plugin is installed, it can be used to execute arbitrary commands on the server, achieving remote code execution.

Remediation

Update to EMQX version 5.8.6 or later, where this vulnerability is addressed by requiring explicit administrator approval before a plugin can be installed via the Dashboard.
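A defender's first two questions after reading this advisory are whether a node is still below 5.8.6 and whether any plugin has been installed that was not expected. The following audit helper is an added example for this page, not code from the EMQX project or the advisory: it compares a node's version string against the fixed release and diffs the node's plugin list against an operator-maintained allowlist. The version string and plugin list below are constructed sample data standing in for what an operator would fetch from the node, and the `name` / `rel_vsn` field names are an assumption about the plugin listing's shape.

```python
"""Audit helper: flag an EMQX node that is below the fixed 5.8.6 release or
that carries plugins outside an approved list.

Added example for this advisory, not code from the EMQX project. The sample
data at the bottom is constructed; the 'name' and 'rel_vsn' keys are an
assumption about how the node reports installed plugins.
"""
import json
import re

# First release in which Dashboard plugin installation requires approval.
FIXED_VERSION = (5, 8, 6)


def parse_version(v: str) -> tuple:
    """Turn '5.8.5', 'v5.8.6' or '5.8.6-rc.1' into a comparable tuple.

    Only the numeric core is compared; a pre-release suffix is dropped.
    Unparseable input raises so that a typo cannot silently pass as patched.
    """
    m = re.match(r"^v?(\d+)\.(\d+)\.(\d+)", v.strip())
    if not m:
        raise ValueError(f"unrecognised EMQX version string: {v!r}")
    return tuple(int(x) for x in m.groups())


def is_vulnerable_version(v: str) -> bool:
    """True when the node predates the fix (tuple comparison, not string)."""
    return parse_version(v) < FIXED_VERSION


def unapproved_plugins(plugins: list, allowlist: set) -> list:
    """Return NAME-VSN identifiers of installed plugins not on the allowlist.

    The 'name' and 'rel_vsn' keys are an assumption about the API shape.
    """
    found = []
    for p in plugins:
        ident = f"{p['name']}-{p['rel_vsn']}"
        if ident not in allowlist:
            found.append(ident)
    return sorted(found)


def audit(node_version: str, plugins: list, allowlist: set) -> dict:
    """Combine both checks into one result an operator can act on."""
    return {
        "vulnerable_version": is_vulnerable_version(node_version),
        "unapproved_plugins": unapproved_plugins(plugins, allowlist),
    }


# Constructed sample data: a pre-fix node with one unexpected plugin.
SAMPLE_VERSION = "5.8.5"
SAMPLE_PLUGINS = json.loads("""[
  {"name": "example_approved_plugin", "rel_vsn": "1.0.0"},
  {"name": "unexpected_upload", "rel_vsn": "0.1.0"}
]""")
APPROVED = {"example_approved_plugin-1.0.0"}

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_VERSION, SAMPLE_PLUGINS, APPROVED), indent=2))
```

The version check deliberately compares integer tuples rather than strings, so that a hypothetical 5.10.0 is correctly treated as newer than 5.8.6; a plain string comparison would get that wrong. Any plugin identifier the audit reports should be reconciled against change records before the node is considered clean.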

Added: Aug 10, 2025, 4:23 AM
Updated: Aug 10, 2025, 4:23 AM

Vulnerability Rating

Custom Algorithm
spread          5.0
impact         10.0
exploitability  6.1
remediation     7.7
relevance       0.3
threat          6.4
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.