Vulnerabilities > Goabode > Iota ALL IN ONE Security KIT Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-25 | CVE-2022-29475 | Authentication Bypass by Capture-replay vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc. | 8.1 |
| 2022-10-25 | CVE-2022-30603 | OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z An OS command injection vulnerability exists in the web interface /action/iperf functionality of Abode Systems, Inc. | 8.8 |
| 2022-10-25 | CVE-2022-32586 | OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z An OS command injection vulnerability exists in the web interface /action/ipcamRecordPost functionality of Abode Systems, Inc. | 8.8 |
| 2022-10-25 | CVE-2022-32760 | Leftover Debug Code vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z A denial of service vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. | 7.5 |
| 2022-10-25 | CVE-2022-32775 | Integer Overflow or Wraparound vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z An integer overflow vulnerability exists in the web interface /action/ipcamRecordPost functionality of Abode Systems, Inc. | 8.8 |
| 2022-10-25 | CVE-2022-35878 | Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. | 8.8 |
| 2022-10-25 | CVE-2022-35879 | Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. | 8.8 |
| 2022-10-25 | CVE-2022-35880 | Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. | 8.8 |
| 2022-10-25 | CVE-2022-35881 | Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. | 8.8 |
| 2022-10-25 | CVE-2022-35884 | Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. | 8.8 |