CVE-2020-8105
9.6
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access. This issue affects: Abode iota All-In-One Security Kit versions prior to 1.0.2.23_6.9V_dev_t2_homekit_RF_2.0.19_s2_kvsABODE oz.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Abode | iota All-In-One Security Kit | unspecified < 1.0.2.23_6.9V_dev_t2_homekit_RF_2.0.19_s2_kvsABODE oz | affected |
Weaknesses
- CWE-78: CWE-78 OS Command Injection
Workarounds
An update to firmware version 1.0.2.23_6.9V_dev_t2_homekit_RF_2.0.19_s2_kvsABODE oz fixes the issue.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.