Vulnerabilities > Goabode > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-27804 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An os command injection vulnerability exists in the web interface util_set_abode_code functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 9.8
9.8
2022-10-25 CVE-2022-27805 Improper Access Control vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An authentication bypass vulnerability exists in the GHOME control functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-284
critical
 9.8
9.8
2022-10-25 CVE-2022-29472 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An OS command injection vulnerability exists in the web interface util_set_serial_mac functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 9.8
9.8
2022-10-25 CVE-2022-29477 Use of Hard-coded Credentials vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An authentication bypass vulnerability exists in the web interface /action/factory* functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-798
critical
 9.8
9.8
2022-10-25 CVE-2022-29520 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9Z
An OS command injection vulnerability exists in the console_main_loop :sys functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 9.8
9.8
2022-10-25 CVE-2022-29889 Use of Hard-coded Credentials vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9Z
A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-798
critical
 9.8
9.8
2022-10-25 CVE-2022-30541 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An OS command injection vulnerability exists in the XCMD setUPnP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 9.8
9.8
2022-10-25 CVE-2022-32454 Stack-based Buffer Overflow vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
A stack-based buffer overflow vulnerability exists in the XCMD setIPCam functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-121
critical
 9.8
9.8
2022-10-25 CVE-2022-32773 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
An OS command injection vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 9.8
9.8
2022-10-25 CVE-2022-33189 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9Z
An OS command injection vulnerability exists in the XCMD setAlexa functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-78
critical
 9.8
9.8