Command Injection Flaw in Abode Systems iota Security Kit
CVE-2022-29472
10CRITICAL
What is CVE-2022-29472?
An OS command injection vulnerability impacts the web interface's util_set_serial_mac functionality of Abode Systems, Inc. iota All-In-One Security Kit. By crafting a malicious HTTP request, an attacker could execute arbitrary commands on the device, potentially compromising its security and functionality. Promptly securing devices against this type of threat is essential to maintain safe operation.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
iota All-In-One Security Kit 6.9X
iota All-In-One Security Kit 6.9Z
References
CVSS V3.1
Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed
CVSS V3.0
Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved