Vulnerabilities > Goabode

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-33204 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
9.9
2022-10-25 CVE-2022-33205 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
9.9
2022-10-25 CVE-2022-33206 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
9.9
2022-10-25 CVE-2022-33207 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
9.9
2022-10-25 CVE-2022-33938 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
A format string injection vulnerability exists in the ghome_process_control_packet functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
critical
9.8
2022-10-25 CVE-2022-35244 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
A format string injection vulnerability exists in the XCMD getVarHA functionality of abode systems, inc.
network
low complexity
goabode CWE-134
critical
9.8
2022-10-25 CVE-2022-35874 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
critical
9.8
2022-10-25 CVE-2022-35875 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
critical
9.8
2022-10-25 CVE-2022-35876 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
critical
9.8
2022-10-25 CVE-2022-35877 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
critical
9.8