56 matches found
KramerAV VIA Go and KramerAV VIA Connect Code Injection Vulnerabilities
KramerAV VIA Connect and KramerAV VIA Go are both products from KramerAV.KramerAV VIA Connect is a smart, secure, wireless and wired presentation and collaboration device.KramerAV VIA Go is a wireless device. Instant wireless connectivity with 4K advanced presentation capabilities for iOS, Androi...
PT-2023-24350 · Kramerav · Kramerav Via Connect +1
Name of the Vulnerable Software and Affected Versions: KramerAV VIA Connect 2 versions prior to 4.0.1.1326 KramerAV VIA Go 2 versions prior to 4.0.1.1326 Description: The issue allows for local code execution at the root level when the screen is visible and remote mouse connection is enabled. Thi...
PT-2023-24349 · Kramerav · Kramerav Via Connect +1
Name of the Vulnerable Software and Affected Versions: KramerAV VIA Connect 2 and VIA Go 2 versions prior to 4.0.1.1326 Description: The issue allows for remote manipulation of the device by extracting the connection confirmation code remotely, bypassing the need to obtain it directly from the...
CVE-2023-33509
KramerAV VIA GO² 4.0.1.1326 is vulnerable to SQL Injection...
CVE-2023-33509
KramerAV VIA GO² 4.0.1.1326 is vulnerable to SQL Injection...
CVE-2023-33509
KramerAV VIA GO² 4.0.1.1326 is vulnerable to SQL Injection...
CVE-2023-33508
KramerAV VIA GO² 4.0.1.1326 is vulnerable to unauthenticated file upload resulting in Remote Code Execution RCE...
CVE-2023-33508
KramerAV VIA GO² 4.0.1.1326 is vulnerable to unauthenticated file upload resulting in Remote Code Execution RCE...
CVE-2023-33507
KramerAV VIA GO² 4.0.1.1326 is vulnerable to Unauthenticated arbitrary file read...
CVE-2023-33507
KramerAV VIA GO² 4.0.1.1326 is vulnerable to Unauthenticated arbitrary file read...
CVE-2023-33507
KramerAV VIA GO² 4.0.1.1326 is vulnerable to Unauthenticated arbitrary file read...
CVE-2023-33508
KramerAV VIA GO² 4.0.1.1326 is vulnerable to unauthenticated file upload resulting in Remote Code Execution RCE...
Unrestricted file upload
KramerAV VIA GO² 4.0.1.1326 is vulnerable to unauthenticated file upload resulting in Remote Code Execution RCE...
Sql injection
KramerAV VIA GO² 4.0.1.1326 is vulnerable to SQL Injection...
Design/Logic Flaw
KramerAV VIA GO² 4.0.1.1326 is vulnerable to Unauthenticated arbitrary file read...
CVE-2023-33509
CVE-2023-33509 affects KramerAV VIA GO² before version 4.0.1.1326, with a SQL injection vulnerability reported. The CVSS base metrics indicate CRITICAL impact to confidentiality, integrity, and availability (network attack, no user interaction). Remediation: update to 4.0.1.1326 or later where fi...
CVE-2023-33507
KramerAV VIA GO² 4.0.1.1326 is vulnerable to Unauthenticated arbitrary file read...
CVE-2023-33508
KramerAV VIA GO² 4.0.1.1326 is vulnerable to unauthenticated file upload resulting in Remote Code Execution RCE...
CVE-2023-33509
KramerAV VIA GO² 4.0.1.1326 is vulnerable to SQL Injection...
CVE-2023-33507
KramerAV VIA GO² versions before 4.0.1.1326 are vulnerable to an unauthenticated arbitrary file read. The issue affects the product’s handling of file access (no credentials required, network vector). Public references across multiple feeds corroborate that versions prior to 4.0.1.1326 are affect...