Vulnerabilities > Goabode

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-35878 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc.
low complexity
goabode CWE-134
8.8
2022-10-25 CVE-2022-35879 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc.
low complexity
goabode CWE-134
8.8
2022-10-25 CVE-2022-35880 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc.
low complexity
goabode CWE-134
8.8
2022-10-25 CVE-2022-35881 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc.
low complexity
goabode CWE-134
8.8
2022-10-25 CVE-2022-35884 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
8.8
2022-10-25 CVE-2022-35885 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
8.8
2022-10-25 CVE-2022-35886 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
8.8
2022-10-25 CVE-2022-35887 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
8.8
2021-12-20 CVE-2020-8105 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access.
local
low complexity
goabode CWE-78
7.2
2014-09-09 CVE-2014-5531 Cryptographic Issues vulnerability in Goabode Abode 1.7
The Abode (aka abode.webview) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
5.4