📦 Connected Io

CVE-2023-33374 allows remote attackers to execute arbitrary operating system commands on Connected IO devices by abusing a management protocol feature. This vulnerability affects Connected IO v2.1.0 a...

CVE-2023-33376 is an argument injection vulnerability in Connected IO routers that allows attackers to execute arbitrary operating system commands on affected devices. This affects Connected IO v2.1.0...

Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message handling, allowing attackers to execute arbitrary operating system commands on affected devices. This af...

Connected IO devices v2.1.0 and earlier contain hard-coded MQTT credentials in firmware, allowing attackers to connect to the MQTT broker and impersonate devices. This enables authentication bypass th...