Vulnerabilities > Kramerav > VIA GO2 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-09 CVE-2023-33468 Incorrect Authorization vulnerability in Kramerav VIA Connect2 Firmware and VIA GO2 Firmware
KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device.
network
low complexity
kramerav CWE-863
critical
 9.1
9.1
2023-05-31 CVE-2023-33509 SQL Injection vulnerability in Kramerav VIA GO2 Firmware
KramerAV VIA GO² < 4.0.1.1326 is vulnerable to SQL Injection.
network
low complexity
kramerav CWE-89
critical
 9.8
9.8
2023-05-31 CVE-2023-33508 Unrestricted Upload of File with Dangerous Type vulnerability in Kramerav VIA GO2 Firmware
KramerAV VIA GO² < 4.0.1.1326 is vulnerable to unauthenticated file upload resulting in Remote Code Execution (RCE).
network
low complexity
kramerav CWE-434
critical
 9.8
9.8