CVE-2022-33207
Abode iota All-In-One Security Kit (firmware 6.9X/6.9Z) is affected by CVE-2022-33207 through the /action/wirelessConnect web interface. The root cause is OS command injection due to unsanitized default_key_id usage when the authentication mode is SHARED or WEP; the command is executed as root vi...