Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
abode vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5531
The Abode (aka abode.webview) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Goabode Abode 1.7
7.8
CVSSv3
CVE-2020-8105
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an malicious user to inject commands and gain root access. This issue affects: Abode iota All-In-One Security Kit versions before 1.0.2.23_6.9V_dev_t2_homekit_RF_2.0.19_...
Goabode Iota All-in-one Security Kit Firmware
9.8
CVSSv3
CVE-2022-29520
An OS command injection vulnerability exists in the console_main_loop :sys functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. A specially-crafted XCMD can lead to arbitrary command execution. An attacker can send an XML payload to trigger this vulnerability.
Goabode Iota All-in-one Security Kit Firmware 6.9z
9.8
CVSSv3
CVE-2022-33189
An OS command injection vulnerability exists in the XCMD setAlexa functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. A specially-crafted XCMD can lead to arbitrary command execution. An attacker can send a malicious XML payload to trigger this vulnerability.
Goabode Iota All-in-one Security Kit Firmware 6.9z
7.5
CVSSv3
CVE-2022-32760
A denial of service vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to denial of service. An attacker can send a malicious XML payload to trigger this vulnerability.
Goabode Iota All-in-one Security Kit Firmware 6.9z
Goabode Iota All-in-one Security Kit Firmware 6.9x
8.8
CVSSv3
CVE-2022-32775
An integer overflow vulnerability exists in the web interface /action/ipcamRecordPost functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to memory corruption. An attacker can make an authenticated HTTP reques...
Goabode Iota All-in-one Security Kit Firmware 6.9z
Goabode Iota All-in-one Security Kit Firmware 6.9x
6.5
CVSSv3
CVE-2022-32574
A double-free vulnerability exists in the web interface /action/ipcamSetParamPost functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to memory corruption. An attacker can make an authenticated HTTP request to...
Goabode Iota All-in-one Security Kit Firmware 6.9z
Goabode Iota All-in-one Security Kit Firmware 6.9x
9.8
CVSSv3
CVE-2022-27804
An os command injection vulnerability exists in the web interface util_set_abode_code functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to...
Goabode Iota All-in-one Security Kit Firmware 6.9z
Goabode Iota All-in-one Security Kit Firmware 6.9x
9.8
CVSSv3
CVE-2022-27805
An authentication bypass vulnerability exists in the GHOME control functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted network request can lead to arbitrary XCMD execution. An attacker can send a malicious XML payload to trigger th...
Goabode Iota All-in-one Security Kit Firmware 6.9z
Goabode Iota All-in-one Security Kit Firmware 6.9x
9.8
CVSSv3
CVE-2022-32773
An OS command injection vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to arbitrary command execution. An attacker can send a malicious XML payload to trigger this vulnera...
Goabode Iota All-in-one Security Kit Firmware 6.9z
Goabode Iota All-in-one Security Kit Firmware 6.9x
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »