Lucene search
K

316 matches found

NVD
NVD
added 2022/10/25 5:15 p.m.11 views

CVE-2022-30603

An OS command injection vulnerability exists in the web interface /action/iperf functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger...

10CVSS0.05332EPSS
Exploits1References1
NVD
NVD
added 2022/10/25 5:15 p.m.20 views

CVE-2022-32454

A stack-based buffer overflow vulnerability exists in the XCMD setIPCam functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to remote code execution. An attacker can send a malicious XML payload to trigger this vulnerability...

10CVSS0.01559EPSS
Exploits1References1
NVD
NVD
added 2022/10/25 5:15 p.m.23 views

CVE-2022-33193

Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...

10CVSS0.03073EPSS
Exploits1References1
NVD
NVD
added 2022/10/25 5:15 p.m.10 views

CVE-2022-29889

A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. Use of a hard-coded root password can lead to arbitrary command execution. An attacker can authenticate with hard-coded credentials to trigger this vulnerability...

9.8CVSS0.01117EPSS
Exploits1References1
OSV
OSV
added 2022/10/25 5:15 p.m.4 views

CVE-2022-29889

A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. Use of a hard-coded root password can lead to arbitrary command execution. An attacker can authenticate with hard-coded credentials to trigger this vulnerability...

9.8CVSS5.9AI score0.01117EPSS
Exploits1References1
NVD
NVD
added 2022/10/25 5:15 p.m.28 views

CVE-2022-29475

An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trigger this...

8.1CVSS0.00562EPSS
Exploits1References1
OSV
OSV
added 2022/10/25 5:15 p.m.6 views

CVE-2022-27805

An authentication bypass vulnerability exists in the GHOME control functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted network request can lead to arbitrary XCMD execution. An attacker can send a malicious XML payload to trigger this vulnerability...

9.8CVSS5.9AI score0.01291EPSS
Exploits0References1
OSV
OSV
added 2022/10/25 5:15 p.m.5 views

CVE-2022-29472

An OS command injection vulnerability exists in the web interface utilsetserialmac functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this...

9.8CVSS5.9AI score0.04433EPSS
Exploits1References1
OSV
OSV
added 2022/10/25 5:15 p.m.5 views

CVE-2022-29520

An OS command injection vulnerability exists in the consolemainloop :sys functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. A specially-crafted XCMD can lead to arbitrary command execution. An attacker can send an XML payload to trigger this vulnerability...

9.8CVSS5.9AI score0.02803EPSS
Exploits1References1
NVD
NVD
added 2022/10/25 5:15 p.m.12 views

CVE-2022-29477

An authentication bypass vulnerability exists in the web interface /action/factory functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP header can lead to authentication bypass. An attacker can send an HTTP request to trigger this vulnerability...

9.8CVSS0.01218EPSS
Exploits1References1
NVD
NVD
added 2022/10/25 5:15 p.m.7 views

CVE-2022-29472

An OS command injection vulnerability exists in the web interface utilsetserialmac functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this...

10CVSS0.04433EPSS
Exploits1References1
NVD
NVD
added 2022/10/25 5:15 p.m.15 views

CVE-2022-27805

An authentication bypass vulnerability exists in the GHOME control functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted network request can lead to arbitrary XCMD execution. An attacker can send a malicious XML payload to trigger this vulnerability...

9.8CVSS0.01291EPSS
Exploits0References1
OSV
OSV
added 2022/10/25 5:15 p.m.4 views

CVE-2022-29477

An authentication bypass vulnerability exists in the web interface /action/factory functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP header can lead to authentication bypass. An attacker can send an HTTP request to trigger this vulnerability...

9.8CVSS5.8AI score0.01218EPSS
Exploits1References1
NVD
NVD
added 2022/10/25 5:15 p.m.27 views

CVE-2022-29520

An OS command injection vulnerability exists in the consolemainloop :sys functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. A specially-crafted XCMD can lead to arbitrary command execution. An attacker can send an XML payload to trigger this vulnerability...

9.8CVSS0.02803EPSS
Exploits1References1
OSV
OSV
added 2022/10/25 5:15 p.m.3 views

CVE-2022-27804

An os command injection vulnerability exists in the web interface utilsetabodecode functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this...

9.8CVSS5.9AI score0.03635EPSS
Exploits1References1
OSV
OSV
added 2022/10/25 5:15 p.m.4 views

CVE-2022-29475

An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trigger this...

8.1CVSS5.8AI score0.00562EPSS
Exploits1References1
NVD
NVD
added 2022/10/25 5:15 p.m.35 views

CVE-2022-27804

An os command injection vulnerability exists in the web interface utilsetabodecode functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this...

9.8CVSS0.03635EPSS
Exploits1References1
Prion
Prion
added 2022/10/25 5:15 p.m.15 views

Denial of service

A denial of service vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to denial of service. An attacker can send a malicious XML payload to trigger this vulnerability...

5CVSS7.3AI score0.00879EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/10/25 5:15 p.m.21 views

Command injection

Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...

7.5CVSS9.9AI score0.03244EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/10/25 5:15 p.m.13 views

Command injection

Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP reque...

6.5CVSS9.9AI score0.04222EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder