Vulnerabilities > Kramerav > VIA GO2 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-09 CVE-2023-33468 Incorrect Authorization vulnerability in Kramerav VIA Connect2 Firmware and VIA GO2 Firmware
KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device.
network
low complexity
kramerav CWE-863
critical
9.1
2023-08-09 CVE-2023-33469 Code Injection vulnerability in Kramerav VIA Connect2 Firmware and VIA GO2 Firmware
In instances where the screen is visible and remote mouse connection is enabled, KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 can be exploited to achieve local code execution at the root level.
local
low complexity
kramerav CWE-94
7.8
2023-05-31 CVE-2023-33507 Unspecified vulnerability in Kramerav VIA GO2 Firmware
KramerAV VIA GO² < 4.0.1.1326 is vulnerable to Unauthenticated arbitrary file read.
network
low complexity
kramerav
7.5
2023-05-31 CVE-2023-33508 Unrestricted Upload of File with Dangerous Type vulnerability in Kramerav VIA GO2 Firmware
KramerAV VIA GO² < 4.0.1.1326 is vulnerable to unauthenticated file upload resulting in Remote Code Execution (RCE).
network
low complexity
kramerav CWE-434
critical
9.8
2023-05-31 CVE-2023-33509 SQL Injection vulnerability in Kramerav VIA GO2 Firmware
KramerAV VIA GO² < 4.0.1.1326 is vulnerable to SQL Injection.
network
low complexity
kramerav CWE-89
critical
9.8