Описание
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access. This issue affects: Abode iota All-In-One Security Kit versions prior to 1.0.2.23_6.9V_dev_t2_homekit_RF_2.0.19_s2_kvsABODE oz.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.2.23_6.9v_dev_t2_homekit_rf_2.0.19_s2_kvsabode_oz (исключая)
Одновременно
cpe:2.3:o:goabode:iota_all-in-one_security_kit_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:goabode:iota_all-in-one_security_kit:-:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00353
Низкий
9.6 Critical
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-78
CWE-78
Связанные уязвимости
github
около 4 лет назад
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access. This issue affects: Abode iota All-In-One Security Kit versions prior to 1.0.2.23_6.9V_dev_t2_homekit_RF_2.0.19_s2_kvsABODE oz.
EPSS
Процентиль: 57%
0.00353
Низкий
9.6 Critical
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-78
CWE-78