{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T14:33:27.738","vulnerabilities":[{"cve":{"id":"CVE-2023-33374","sourceIdentifier":"cve@mitre.org","published":"2023-08-04T18:15:12.183","lastModified":"2024-11-21T08:05:30.293","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Connected IO v2.1.0 and prior has a command as part of its communication protocol allowing the management platform to specify arbitrary OS commands for devices to execute. Attackers abusing this dangerous functionality may issue all devices OS commands to execute, resulting in arbitrary remote command execution."},{"lang":"es","value":"Connected IO v2.1.0 y anteriores tiene un comando como parte de su protocolo de comunicación que permite a la plataforma de gestión especificar comandos de SO arbitrarios para que los dispositivos los ejecuten. Los atacantes que abusen de esta peligrosa funcionalidad pueden enviar a todos los dispositivos comandos del sistema operativo para su ejecución, lo que resulta en la ejecución remota de comandos arbitrarios.\n"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:connectedio:connected_io:*:*:*:*:*:*:*:*","versionEndIncluding":"2.1.0","matchCriteriaId":"AF690623-7129-4811-9897-90ECE1F8DFDA"}]}]}],"references":[{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-33374","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.connectedio.com/products/routers","source":"cve@mitre.org","tags":["Product"]},{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-33374","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.connectedio.com/products/routers","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}}]}