Vulnerabilities > Goabode > Iota ALL IN ONE Security KIT Firmware > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-25 | CVE-2022-29477 | Use of Hard-coded Credentials vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z An authentication bypass vulnerability exists in the web interface /action/factory* functionality of Abode Systems, Inc. | 9.8 |
| 2022-10-25 | CVE-2022-29472 | OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z An OS command injection vulnerability exists in the web interface util_set_serial_mac functionality of Abode Systems, Inc. | 9.8 |
| 2022-10-25 | CVE-2022-27805 | Improper Access Control vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z An authentication bypass vulnerability exists in the GHOME control functionality of Abode Systems, Inc. | 9.8 |
| 2022-10-25 | CVE-2022-27804 | OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z An os command injection vulnerability exists in the web interface util_set_abode_code functionality of Abode Systems, Inc. | 9.8 |