3 matches found
CVE-2022-33938
A format string injection vulnerability exists in the ghomeprocesscontrolpacket functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted XCMD can lead to memory corruption, information disclosure and denial of service. An attacker can send a malicious X...
CVE-2022-33938
The CVE-2022-33938 entry concerns Abode Systems iota All-In-One Security Kit, affected in versions 6.9Z and 6.9X. The concrete issue is a format-string injection in the ghome_process_control_packet function, triggered by a crafted XML payload sent to the device, which can cause memory corruption,...
Vulnerability Spotlight: Vulnerabilities in Abode Systems home security kit could allow attacker to take over cameras, remotely disable them
Matt Wiseman of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several vulnerabilities in the Abode Systems iota All-In-One Security Kit. This kit includes a main security camera and hub that can alert users of unwanted movement in their homes. It also includes...