2 matches found
CVE-2022-33195
Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...
CVE-2022-33195
CVE-2022-33195 maps to OS command injection vulnerabilities in Abode Systems iota All-In-One Security Kit (versions 6.9X/6.9Z). The vulnerability stem(s) from the XCMD testWifiAP flow: wireless config is fetched and fed into do_test_wifiap, which builds and executes OS commands without proper san...