2 matches found
CVE-2022-33194
Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...
CVE-2022-33194
CVE-2022-33194 affects Abode Systems iota All-In-One Security Kit (versions 6.9X/6.9Z). The vulnerability lies in testWifiAP handling of WiFi config values: WL_Key and WL_DefaultKeyID are injected directly into OS commands (popen) without sanitization, via do_test_wifiap when WL_AuthMode is SHARE...