mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-04 18:08:00 +02:00
0xMarcio
1.1 KiB
1.1 KiB
CVE-2022-33192
&color=brighgreen)
Description
Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This vulnerability specifically focuses on the unsafe use of the WL_SSID and WL_SSID_HEX configuration values in the function at offset 0x1c7d28 of firmware 6.9Z.
POC
Reference
Github
No PoCs found on GitHub currently.