CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7638 matches found

OSV•added 2022/10/25 5:15 p.m.•3 views

CVE-2022-29472

An OS command injection vulnerability exists in the web interface utilsetserialmac functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this...

9.8CVSS5.9AI score0.04433EPSS

Exploits1References1

NVD•added 2022/10/25 5:15 p.m.•9 views

CVE-2022-29889

A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. Use of a hard-coded root password can lead to arbitrary command execution. An attacker can authenticate with hard-coded credentials to trigger this vulnerability...

9.8CVSS0.01117EPSS

Exploits1References1

Prion•added 2022/10/25 5:15 p.m.•13 views

Command injection

An OS command injection vulnerability exists in the web interface /action/iperf functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger...

6.5CVSS8.9AI score0.05332EPSS

Exploits1References1Affected Software1

Prion•added 2022/10/25 5:15 p.m.•11 views

Hardcoded credentials

7.5CVSS9.7AI score0.01117EPSS

Exploits1References1Affected Software1

Prion•added 2022/10/25 5:15 p.m.•27 views

Command injection

An os command injection vulnerability exists in the web interface utilsetabodecode functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this...

7.5CVSS9.7AI score0.03635EPSS

Exploits1References1Affected Software1

Prion•added 2022/10/25 5:15 p.m.•9 views

Command injection

7.5CVSS9.7AI score0.04433EPSS

Exploits1References1Affected Software1

Prion•added 2022/10/25 5:15 p.m.•12 views

Command injection

Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP reque...

6.5CVSS9.8AI score0.04183EPSS

Exploits1References1Affected Software1

Prion•added 2022/10/25 5:15 p.m.•23 views

Command injection

6.5CVSS9.8AI score0.04222EPSS

Exploits1References1Affected Software1

Prion•added 2022/10/25 5:15 p.m.•15 views

Command injection

Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...

7.5CVSS10AI score0.03073EPSS

Exploits1References1Affected Software1

Prion•added 2022/10/25 5:15 p.m.•23 views

Command injection

An OS command injection vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to arbitrary command execution. An attacker can send a malicious XML payload to trigger this vulnerability...

7.5CVSS9.7AI score0.03244EPSS

Exploits1References1Affected Software1

Prion•added 2022/10/25 5:15 p.m.•19 views

Command injection

An OS command injection vulnerability exists in the webserver /action/importauthorizedkeys/ functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...

5.8CVSS7.2AI score0.0338EPSS

Exploits1References1Affected Software1

Prion•added 2022/10/25 5:15 p.m.•14 views

Command injection

7.5CVSS10AI score0.03244EPSS

Exploits1References1Affected Software1

Prion•added 2022/10/25 5:15 p.m.•18 views

Command injection

An OS command injection vulnerability exists in the sysupgrade command injection functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.5CVSS9.7AI score0.03455EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2022/10/25 4:34 p.m.•7 views

CVE-2022-34850

9.1CVSS7.2AI score0.0338EPSS

Exploits1References1

Cvelist•added 2022/10/25 4:34 p.m.•31 views

CVE-2022-34850

9.1CVSS7.4AI score0.0338EPSS

Exploits1References1

Vulnrichment•added 2022/10/25 4:33 p.m.•9 views

CVE-2022-33207

10CVSS9.9AI score0.04222EPSS

Exploits1References1

Cvelist•added 2022/10/25 4:33 p.m.•22 views

CVE-2022-33207

10CVSS10AI score0.04222EPSS

Exploits1References1

Vulnrichment•added 2022/10/25 4:33 p.m.•7 views

CVE-2022-33205

10CVSS10AI score0.04183EPSS

Exploits1References1

Cvelist•added 2022/10/25 4:33 p.m.•21 views

CVE-2022-33194

10CVSS10AI score0.03073EPSS

Exploits1References1

CVE•added 2022/10/25 4:33 p.m.•49 views

CVE-2022-33194

CVE-2022-33194 affects Abode Systems iota All-In-One Security Kit (versions 6.9X/6.9Z). The vulnerability lies in testWifiAP handling of WiFi config values: WL_Key and WL_DefaultKeyID are injected directly into OS commands (popen) without sanitization, via do_test_wifiap when WL_AuthMode is SHARE...

10CVSS10AI score0.03073EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by