Kramerav: >> Via Go2 Security Vulnerabilities
KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device. This vulnerability involves extracting the connection confirmation code remotely, bypassing the need to obtain it directly from the physical screen.
CVSS Score
9.1
EPSS Score
0.0
Published
2023-08-09
In instances where the screen is visible and remote mouse connection is enabled, KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 can be exploited to achieve local code execution at the root level.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-08-09
KramerAV VIA GO² < 4.0.1.1326 is vulnerable to SQL Injection.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-05-31
KramerAV VIA GO² < 4.0.1.1326 is vulnerable to Unauthenticated arbitrary file read.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-05-31
KramerAV VIA GO² < 4.0.1.1326 is vulnerable to unauthenticated file upload resulting in Remote Code Execution (RCE).
CVSS Score
9.8
EPSS Score
0.02
Published
2023-05-31