3 matches found
CVE-2022-27805
Talos reports CVE-2022-27805 affects Abode Systems iota All-In-One Security Kit (versions 6.9X and 6.9Z). The root cause is an authentication bypass in the GHOME control pathway: an unauthenticated UDP/55050 endpoint can accept XCMDs, allowing an attacker to execute or proxy commands on the devic...
CVE-2022-27805
An authentication bypass vulnerability exists in the GHOME control functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted network request can lead to arbitrary XCMD execution. An attacker can send a malicious XML payload to trigger this vulnerability...
Abode Systems, Inc. iota All-In-One Security Kit GHOME control authentication bypass vulnerability
Talos Vulnerability Report TALOS-2022-1552 Abode Systems, Inc. iota All-In-One Security Kit GHOME control authentication bypass vulnerability October 20, 2022 CVE Number CVE-2022-27805 SUMMARY An authentication bypass vulnerability exists in the GHOME control functionality of Abode Systems, Inc...