CVE-2022-32760

HIGH Year: 2022
CVSS v3 Score
8.6
High
Weakness Type
CWE-489
View all →

Vulnerability Description

A denial of service vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to denial of service. An attacker can send a malicious XML payload to trigger this vulnerability.

Related Vulnerabilities

CVE-2023-1618

HIGH
CVSS:8.6(High)

Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 Serial number 2310 **** and prior allows a remote unauthenticated attacker to bypass authentication an...

CWE-4892023

CVE-2017-5259

HIGH
CVSS:8.8(High)

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://<device-ip-or-hostname>/adm/syscm...

CWE-4892017

CVE-2020-5756

HIGH
CVSS:8.8(High)

Grandstream GWN7000 firmware version 1.0.9.4 and below allows authenticated remote users to modify the system's crontab via undocumented API. An attacker can use this functionality to execute arbitrar...

CWE-4892020

CVE-2020-5763

HIGH
CVSS:8.8(High)

Grandstream HT800 series firmware version 1.0.17.5 and below contain a backdoor in the SSH service. An authenticated remote attacker can obtain a root shell by correctly answering a challenge prompt.

CWE-4892020

CVE-2021-33591

HIGH
CVSS:8.8(High)

An exposed remote debugging port in Naver Comic Viewer prior to 1.0.15.0 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

CWE-4892021

CVE-2024-31406

HIGH
CVSS:8.8(High)

Active debug code vulnerability exists in RoamWiFi R10 prior to 4.8.45. If this vulnerability is exploited, a network-adjacent unauthenticated attacker with access to the device may perform unauthoriz...

CWE-4892024