cbcvebase.

Kramerav Via Go2 Firmware vulnerabilities

5 known vulnerabilities affecting kramerav/via_go2_firmware.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH2

Vulnerabilities

Page 1 of 1
CVE-2023-33508P2CRITICALCVSS 9.8fixed in 4.0.1.13262023-05-31
CVE-2023-33508 [CRITICAL] CWE-434 CVE-2023-33508: KramerAV VIA GO² < 4.0.1.1326 is vulnerable to unauthenticated file upload resulting in Remote Code KramerAV VIA GO² < 4.0.1.1326 is vulnerable to unauthenticated file upload resulting in Remote Code Execution (RCE).
nvd
CVE-2023-33468P3CRITICALCVSS 9.1fixed in 4.0.1.13262023-08-09
CVE-2023-33468 [CRITICAL] CWE-863 CVE-2023-33468: KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnera KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device. This vulnerability involves extracting the connection confirmation code remotely, bypassing the need to obtain it directly from the physical screen.
nvd
CVE-2023-33509P3CRITICALCVSS 9.8fixed in 4.0.1.13262023-05-31
CVE-2023-33509 [CRITICAL] CWE-89 CVE-2023-33509: KramerAV VIA GO² < 4.0.1.1326 is vulnerable to SQL Injection. KramerAV VIA GO² < 4.0.1.1326 is vulnerable to SQL Injection.
nvd
CVE-2023-33507P3HIGHCVSS 7.5fixed in 4.0.1.13262023-05-31
CVE-2023-33507 [HIGH] CVE-2023-33507: KramerAV VIA GO² < 4.0.1.1326 is vulnerable to Unauthenticated arbitrary file read. KramerAV VIA GO² < 4.0.1.1326 is vulnerable to Unauthenticated arbitrary file read.
nvd
CVE-2023-33469P3HIGHCVSS 7.8fixed in 4.0.1.13262023-08-09
CVE-2023-33469 [HIGH] CWE-94 CVE-2023-33469: In instances where the screen is visible and remote mouse connection is enabled, KramerAV VIA Connec In instances where the screen is visible and remote mouse connection is enabled, KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 can be exploited to achieve local code execution at the root level.
nvd
Kramerav Via Go2 Firmware vulnerabilities | cvebase