← back
CVE-2023-33374

CVE-2023-33374

EPSS 1.3%
Connected IO v2.1.0 and prior has a command as part of its communication protocol allowing the management platform to specify arbitrary OS commands for devices to execute. Attackers abusing this dangerous functionality may issue all devices OS commands to execute, resulting in arbitrary remote command execution.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://claroty.com/team82/disclosure-dashboard/cve-2023-33374https://www.connectedio.com/products/routers