Argument Injection Vulnerability in Connected IO v2.1.0 and Prior

Argument Injection Vulnerability in Connected IO v2.1.0 and Prior

CVE-2023-33378 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices.

Learn more about our Web Application Penetration Testing UK.