Connectedio Connected Io — known CVE vulnerabilities
Every CVE whose affected-product data names Connectedio Connected Io, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2023-33372 — CVSS 9.8 (critical): Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's firmware used for device communication…
CVE-2023-33373 — CVSS 9.8 (critical): Connected IO v2.1.0 and prior keeps passwords and credentials in clear-text format, allowing attackers to exfiltrate the credentials and…
CVE-2023-33374 — CVSS 9.8 (critical): Connected IO v2.1.0 and prior has a command as part of its communication protocol allowing the management platform to specify arbitrary OS…
CVE-2023-33375 — CVSS 9.8 (critical): Connected IO v2.1.0 and prior has a stack-based buffer overflow vulnerability in its communication protocol, enabling attackers to take…
CVE-2023-33376 — CVSS 9.8 (critical): Connected IO v2.1.0 and prior has an argument injection vulnerability in its iptables command message in its communication protocol…
CVE-2023-33377 — CVSS 9.8 (critical): Connected IO v2.1.0 and prior has an OS command injection vulnerability in the set firewall command in part of its communication protocol…
CVE-2023-33378 — CVSS 9.8 (critical): Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message in its communication protocol, enabling…