← voltar
CVE-2020-8105

Command Execution due to unsanitized input

CVSS 9.6 CRITICALEPSS 1.0%CWE-78
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access. This issue affects: Abode iota All-In-One Security Kit versions prior to 1.0.2.23_6.9V_dev_t2_homekit_RF_2.0.19_s2_kvsABODE oz.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
Abode · iota All-In-One Security Kit

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-theabode-iota-security-system-fake-image-injectioninto-timeline