Connectedio Connected_io

7 CVEs affecting Connectedio Connected_io. Latest disclosed: 2023-08-04. Critical: 7, High: 0.

Top CVEs affecting Connectedio Connected_io
CVESeverityScorePublishedSummary
CVE-2023-33378Critical9.82023-08-04Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message in its communication protocol, enabling attackers to execute ar…
CVE-2023-33377Critical9.82023-08-04Connected IO v2.1.0 and prior has an OS command injection vulnerability in the set firewall command in part of its communication protocol, enabling attackers t…
CVE-2023-33376Critical9.82023-08-04Connected IO v2.1.0 and prior has an argument injection vulnerability in its iptables command message in its communication protocol, enabling attackers to exec…
CVE-2023-33375Critical9.82023-08-04Connected IO v2.1.0 and prior has a stack-based buffer overflow vulnerability in its communication protocol, enabling attackers to take control over devices.
CVE-2023-33374Critical9.82023-08-04Connected IO v2.1.0 and prior has a command as part of its communication protocol allowing the management platform to specify arbitrary OS commands for devices…
CVE-2023-33373Critical9.82023-08-04Connected IO v2.1.0 and prior keeps passwords and credentials in clear-text format, allowing attackers to exfiltrate the credentials and use them to impersonat…
CVE-2023-33372Critical9.82023-08-04Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's firmware used for device communication using MQTT. An attacke…