Vulnerabilities > Goabode

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-27804 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An os command injection vulnerability exists in the web interface util_set_abode_code functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
9.8
2022-10-25 CVE-2022-27805 Improper Access Control vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An authentication bypass vulnerability exists in the GHOME control functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-284
critical
9.8
2022-10-25 CVE-2022-29472 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An OS command injection vulnerability exists in the web interface util_set_serial_mac functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
9.8
2022-10-25 CVE-2022-29475 Authentication Bypass by Capture-replay vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc.
network
high complexity
goabode CWE-294
8.1
2022-10-25 CVE-2022-29477 Use of Hard-coded Credentials vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An authentication bypass vulnerability exists in the web interface /action/factory* functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-798
critical
9.8
2022-10-25 CVE-2022-29520 Leftover Debug Code vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9Z
An OS command injection vulnerability exists in the console_main_loop :sys functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-489
critical
9.8
2022-10-25 CVE-2022-29889 Use of Hard-coded Credentials vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9Z
A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-798
critical
9.8
2022-10-25 CVE-2022-30541 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An OS command injection vulnerability exists in the XCMD setUPnP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
9.8
2022-10-25 CVE-2022-30603 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An OS command injection vulnerability exists in the web interface /action/iperf functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
8.8
2022-10-25 CVE-2022-32454 Stack-based Buffer Overflow vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
A stack-based buffer overflow vulnerability exists in the XCMD setIPCam functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-121
critical
9.8