opto22

Opto 22’s groov View platform has a serious information‑disclosure flaw that can leak API keys and other sensitive metadata from the users endpoint — a weakness tracked as CVE-2025-13084 and described in a coordinated advisory that urges an immediate update to patched software and firmware...

A critical command‑injection flaw has been reported in the groov Manage REST API used by Opto22’s GRV‑EPIC and groov RIO families, allowing an authenticated administrator‑level API request to inject shell commands that execute with root privileges; vendor firmware updates and CISA guidance...