Primary

Context

Opto 22 Groov Products Remote Code Execution Vulnerability

Vulnerability

Patched

A remote code execution vulnerability has been identified in the Opto 22 Groov Manage REST API, specifically in GRV-EPIC and groov RIO products, all versions prior to 4.0.3. The vulnerability allows an attacker with administrative privileges to inject arbitrary commands that are executed with root privileges. This exploitation occurs when a POST request is sent to a vulnerable endpoint, where the application improperly processes certain header values to construct command executions.

Impact

Exploitation of this vulnerability allows for arbitrary command execution with root privileges on the affected device.

Remediation

Opto 22 has released a patch for this vulnerability. Users are advised to upgrade to GRV-EPIC and groov RIO firmware version 4.0.3 or later. Additional information can be found on the Opto 22 website.

Added: Nov 20, 2025, 10:22 PM

Updated: Nov 20, 2025, 10:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.8

remediation

7.7

relevance

1.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.8

remediation

7.7

relevance

1.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Opto 22 Groov Products Remote Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Opto 22 GRV-EPIC-PR1

Opto 22 GRV-EPIC-PR2

Opto 22 groov RIO GRV-R7-MM2001-10

Opto 22 groov RIO GRV-R7-I1VAPM-3

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating