Lucene search
K

9 matches found

OSV
OSV
added 2022/10/25 5:15 p.m.3 views

CVE-2022-35887

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacke...

8.8CVSS5.8AI score0.01252EPSS
Exploits1References1
OSV
OSV
added 2022/10/25 5:15 p.m.5 views

CVE-2022-33207

Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP reque...

9.9CVSS6AI score0.04222EPSS
Exploits1References1
OSV
OSV
added 2022/10/25 5:15 p.m.5 views

CVE-2022-33195

Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...

10CVSS6AI score0.03244EPSS
Exploits1References1
OSV
OSV
added 2022/10/25 5:15 p.m.4 views

CVE-2022-33206

Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP reque...

9.9CVSS6AI score0.04183EPSS
Exploits1References1
OSV
OSV
added 2022/10/25 5:15 p.m.4 views

CVE-2022-33194

Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...

10CVSS6AI score0.03073EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/10/25 4:33 p.m.9 views

CVE-2022-33207

Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP reque...

10CVSS9.9AI score0.04222EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/10/25 12:0 a.m.5 views

PT-2022-22997 · Abode Systems · Iota All-In-One Security Kit

Name of the Vulnerable Software and Affected Versions: Abode Systems, Inc. iota All-In-One Security Kit versions 6.9Z and 6.9X Description: The issue arises from format string injection via the default key id HTTP parameter in the /action/wirelessConnect handler. A specially-crafted HTTP request...

8.8CVSS8AI score0.01252EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/10/25 12:0 a.m.4 views

PT-2022-21744 · Abode Systems · Iota All-In-One Security Kit

Name of the Vulnerable Software and Affected Versions: Abode Systems, Inc. iota All-In-One Security Kit versions 6.9X and 6.9Z Description: The web interface /action/wirelessConnect functionality contains OS command injection vulnerabilities. A specially-crafted HTTP request can lead to arbitrary...

10CVSS9.7AI score0.04222EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/10/25 12:0 a.m.5 views

Abode Iota 格式化字符串错误漏洞

Abode Iota is a reliable Diy home security system from Abode. A format string error vulnerability exists in Abode Iota All-In-One Security Kit versions 6.9X and 6.9Z. The vulnerability stems from a format string injection vulnerability in the XCMD testWifiAP feature, which allows an attacker to...

9.8CVSS7.7AI score0.00869EPSS
Exploits1References3
Rows per page
Query Builder