Vulnerabilities > Goabode > Iota ALL IN ONE Security KIT Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-33195 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 10.0
10
2022-10-25 CVE-2022-33194 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 10.0
10
2022-10-25 CVE-2022-33193 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 10.0
10
2022-10-25 CVE-2022-33192 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 10.0
10
2022-10-25 CVE-2022-33189 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9Z
An OS command injection vulnerability exists in the XCMD setAlexa functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 9.8
9.8
2022-10-25 CVE-2022-32773 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An OS command injection vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 9.8
9.8
2022-10-25 CVE-2022-32454 Stack-based Buffer Overflow vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
A stack-based buffer overflow vulnerability exists in the XCMD setIPCam functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-121
critical
 9.8
9.8
2022-10-25 CVE-2022-30541 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An OS command injection vulnerability exists in the XCMD setUPnP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 9.8
9.8
2022-10-25 CVE-2022-29889 Use of Hard-coded Credentials vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9Z
A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-798
critical
 9.8
9.8
2022-10-25 CVE-2022-29520 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9Z
An OS command injection vulnerability exists in the console_main_loop :sys functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 9.8
9.8