CVE-2023-33468

Description

KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device. This vulnerability involves extracting the connection confirmation code remotely, bypassing the need to obtain it directly from the physical screen.

Related CPE's

o kramerav via_go2_firmware ********

h kramerav via_go2 -*******

o kramerav via_connect2_firmware ********

h kramerav via_connect2 -*******

References

https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2023-33468

ExploitThird Party Advisory

http://kramerav.com

Not Applicable

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io