CVE-2026-49198
Improper Access Control in MQTT Broker Exposes Traffic via Wildcard Topics
Publication date: 2026-05-29
Last updated on: 2026-05-29
Assigner: 8fc372e3-d9c5-46e4-9410-38469745c639
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| acer | connect_w6x | 2.00.000008 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves improper access control in the MQTT broker, which allows unauthorized actors to subscribe to wildcard topics.
As a result, all MQTT traffic can be exposed to these unauthorized users.
How can this vulnerability impact me?
The vulnerability can lead to unauthorized access to all MQTT traffic, potentially exposing sensitive data transmitted via MQTT.
This exposure can result in data breaches, loss of confidentiality, and compromise of systems relying on MQTT communication.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability in the MQTT broker allows unauthorized actors to subscribe to wildcard topics, exposing all MQTT traffic. This improper access control can lead to unauthorized access to sensitive data transmitted via MQTT, potentially violating data protection requirements in standards like GDPR and HIPAA.
By exposing all MQTT traffic to unauthorized users, the vulnerability puts the confidentiality and integrity of data at risk, both of which are core principles in many compliance frameworks. Organizations using affected devices without applying the firmware update may face compliance issues due to inadequate access controls and potential data breaches.
Applying the firmware update that restricts wildcard topic subscriptions and adds payload sanitization is critical to maintaining compliance with these regulations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves improper access control in the MQTT broker allowing wildcard topic subscriptions, which exposes all MQTT traffic to unauthorized actors.
To detect this vulnerability on your network or system, you can monitor MQTT broker traffic for unauthorized wildcard topic subscriptions. Checking for unusual or unexpected MQTT subscription patterns, especially those using wildcards, may indicate exploitation attempts.
Specific commands are not provided in the available resources, but generally, you can use MQTT client tools or network packet analyzers (e.g., Wireshark) to inspect MQTT traffic and subscriptions.
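The CVE record gives no detection commands, so the following is an added example that is not part of the record or of Acer's firmware. It parses raw MQTT 3.1.1 SUBSCRIBE control packets (for instance the payloads a packet analyzer extracts from port 1883 traffic to the router's local broker) and flags any topic filter that uses the single-level `+` or multi-level `#` wildcard, which is exactly the subscription pattern the answer above says to watch for. The packet bytes, topic names and packet identifiers are constructed for the example.

```python
"""Flag wildcard topic filters in raw MQTT 3.1.1 SUBSCRIBE packets.

Added example (not from the CVE record or the vendor); the packet bytes built
below are constructed for illustration, not captured from a real device.
"""
from typing import List, Tuple

SUBSCRIBE_TYPE = 8  # MQTT control packet type for SUBSCRIBE (high nibble of byte 0)


def decode_remaining_length(buf: bytes, pos: int) -> Tuple[int, int]:
    """Decode MQTT's variable-length 'remaining length' field.

    Returns (value, position after the field). Raises ValueError if malformed.
    """
    multiplier = 1
    value = 0
    for _ in range(4):  # the field is at most four bytes long
        if pos >= len(buf):
            raise ValueError("truncated remaining length")
        byte = buf[pos]
        pos += 1
        value += (byte & 0x7F) * multiplier
        if not byte & 0x80:  # continuation bit clear: last byte of the field
            return value, pos
        multiplier *= 128
    raise ValueError("malformed remaining length")


def parse_subscribe(packet: bytes) -> List[Tuple[str, int]]:
    """Return the (topic_filter, requested_qos) pairs in one SUBSCRIBE packet."""
    if not packet or (packet[0] >> 4) != SUBSCRIBE_TYPE:
        raise ValueError("not a SUBSCRIBE packet")
    remaining, pos = decode_remaining_length(packet, 1)
    end = pos + remaining
    if end > len(packet):
        raise ValueError("truncated packet")
    pos += 2  # skip the 2-byte packet identifier
    filters = []
    while pos < end:
        if pos + 2 > end:
            raise ValueError("truncated topic filter length")
        length = int.from_bytes(packet[pos:pos + 2], "big")
        pos += 2
        if pos + length + 1 > end:  # filter bytes plus one QoS byte must fit
            raise ValueError("truncated topic filter")
        topic = packet[pos:pos + length].decode("utf-8")
        pos += length
        qos = packet[pos] & 0x03
        pos += 1
        filters.append((topic, qos))
    return filters


def is_wildcard_filter(topic_filter: str) -> bool:
    """True if the filter uses '+' (single level) or '#' (multi level)."""
    return "#" in topic_filter or "+" in topic_filter


def find_wildcard_subscriptions(packet: bytes) -> List[str]:
    """Return the wildcard filters requested in a SUBSCRIBE packet, empty if none."""
    return [topic for topic, _ in parse_subscribe(packet) if is_wildcard_filter(topic)]


def build_subscribe(packet_id: int, filters: List[Tuple[str, int]]) -> bytes:
    """Encode a SUBSCRIBE packet; used here only to construct sample input."""
    payload = packet_id.to_bytes(2, "big")
    for topic, qos in filters:
        encoded = topic.encode("utf-8")
        payload += len(encoded).to_bytes(2, "big") + encoded + bytes([qos])
    remaining = b""  # remaining length as a variable byte integer
    length = len(payload)
    while True:
        byte = length % 128
        length //= 128
        if length > 0:
            byte |= 0x80
        remaining += bytes([byte])
        if length == 0:
            break
    return bytes([SUBSCRIBE_TYPE << 4 | 0x02]) + remaining + payload


# Constructed sample packets: a narrow subscription to one device's status topic
# and an over-broad one that would receive every message the broker relays.
BENIGN_PACKET = build_subscribe(1, [("device/1234/status", 0)])
SUSPECT_PACKET = build_subscribe(2, [("#", 0), ("device/+/config", 1)])

if __name__ == "__main__":
    for name, pkt in (("benign", BENIGN_PACKET), ("suspect", SUSPECT_PACKET)):
        hits = find_wildcard_subscriptions(pkt)
        print(f"{name}: {'WILDCARD ' + ', '.join(hits) if hits else 'ok'}")
```

In practice you would feed `find_wildcard_subscriptions` the SUBSCRIBE payloads exported from a capture and alert on any hit from a client that is not an expected administrative subscriber; on a broker patched as described, such requests should be refused rather than granted.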
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the firmware of the Acer Connect W6x router to version W6x_GBL_2.00.000008 or later.
This firmware update restricts wildcard topic subscriptions in the local MQTT messaging broker, limiting message visibility to authorized users and addressing the improper access control issue.
Users should perform the update via the router admin console and avoid restarting or unplugging the router during the update process.