CVE-2024-48077
Published: 15 January 2026
Summary
CVE-2024-48077 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Emqx Nanomq. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 3.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
Threat & Defense at a Glance
Threat & Defense Details
Likely Mitigating ControlsAI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Planning and coordination of security activities (scans, tests, maintenance) directly imposes scheduling and throttling that prevents those activities from producing uncontrolled resource consumption.
Limiting concurrent sessions directly prevents uncontrolled resource consumption by capping the number of active sessions per user or account.
Analysis identifies uncontrolled resource consumption indicative of denial-of-service or abuse attempts.
Contingency plan testing includes resource exhaustion scenarios to verify recovery, making it harder for attackers to sustain exploits that cause uncontrolled consumption.
Updated contingency plans include current procedures to detect, contain, and recover from resource exhaustion, limiting an attacker's ability to sustain impact from uncontrolled consumption.
Alternate site allows resumption of operations if resource exhaustion at the primary site is exploited to cause unavailability.
Alternate telecommunications services enable resumption of essential functions when primary services become unavailable due to uncontrolled resource consumption.
The team can analyze and respond to resource exhaustion incidents, reducing the impact of attacks that exploit uncontrolled consumption weaknesses.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
CVE enables remote exploitation of public-facing MQTT broker (T1190) to trigger application crash via resource exhaustion (T1499.004).
NVD Description
NanoMQ v0.22.7 is vulnerable to Denial of Service (DoS) due to improper resource throttling. A crafted sequence of requests causes the recv-q queue to saturate, leading to the rapid exhaustion of system file descriptors (FDs). This exhaustion triggers a process…
more
crash, rendering the broker unable to provide services.
Deeper analysisAI
CVE-2024-48077 is a Denial of Service (DoS) vulnerability in NanoMQ version 0.22.7 due to improper resource throttling, mapped to CWE-400 (Uncontrolled Resource Consumption) and CWE-833 (Deadlock). A crafted sequence of requests causes the recv-q queue to saturate, resulting in rapid exhaustion of system file descriptors (FDs). This exhaustion triggers a process crash, preventing the broker from providing services. The vulnerability has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high availability impact with no confidentiality or integrity effects.
Any unauthenticated attacker with network access to the NanoMQ broker can exploit this vulnerability. By sending a specially crafted sequence of requests, the attacker saturates the recv-q queue, exhausts FDs, and crashes the broker process, leading to a complete denial of service where the broker becomes unresponsive and unable to handle MQTT traffic or other services.
Mitigation details and potential patches are referenced in the GitHub gist at https://gist.github.com/pengwGit/2379e7a8fe75d09621f7c060db0237c4 and the official NanoMQ repository at https://github.com/nanomq/nanomq. Security practitioners should consult these sources for updates, workarounds, or upgraded versions addressing the issue.
Details
- CWE(s)