Vulnerability Description
KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device. This vulnerability involves extracting the connection confirmation code remotely, bypassing the need to obtain it directly from the physical screen.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kramerav | Via Go2 Firmware | < 4.0.1.1326 |
| Kramerav | Via Go2 | - |
| Kramerav | Via Connect2 Firmware | < 4.0.1.1326 |
| Kramerav | Via Connect2 | - |
Related Weaknesses (CWE)
References
- http://kramerav.comNot Applicable
- https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2023-33468ExploitThird Party Advisory
- http://kramerav.comNot Applicable
- https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2023-33468ExploitThird Party Advisory
FAQ
What is CVE-2023-33468?
CVE-2023-33468 is a vulnerability with a CVSS score of 9.1 (CRITICAL). KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device. This vulnerability involves extracting the co...
How severe is CVE-2023-33468?
CVE-2023-33468 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-33468?
Check the references section above for vendor advisories and patch information. Affected products include: Kramerav Via Go2 Firmware, Kramerav Via Go2, Kramerav Via Connect2 Firmware, Kramerav Via Connect2.