IoT products are breaking new ground into widespread industries, introducing potential attack vectors to unprepared environments. There is no surprise that even the new generation of garage openers have evolved (or "have taken a step") into the world of IoT. Which means that they are connected to the Internet, called smart garages and are delivered with the goal to provide more security by merging features from the home surveillance boom. But do they keep what they promise?
This thesis has evaluated the security of one particular smart garage that is being sold worldwide -- redacted. Penetration testing was conducted with focus on the web application. A total of eleven vulnerabilities were reported, including a one-click-root attack combining three of them into providing an unauthenticated remote attacker with a root shell. The conclusion made was that the product had improvements that coulde be done to its security.