cve/2020/CVE-2020-8105.md

CVE-2020-8105

Description

OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access. This issue affects: Abode iota All-In-One Security Kit versions prior to 1.0.2.23_6.9V_dev_t2_homekit_RF_2.0.19_s2_kvsABODE oz.

POC

Reference

• https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-theabode-iota-security-system-fake-image-injectioninto-timeline

Github

No PoCs found on GitHub currently.