Connected IO v2.1.0 and prior keeps passwords and credentials in clear-text format, allowing attackers to exfiltrate the credentials and use them to impersonate the devices.
https://www.connectedio.com/products/routers
https://claroty.com/team82/disclosure-dashboard/cve-2023-33373