Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistTalosCVELIST:CVE-2022-35880
HistoryOct 20, 2022 - 12:00 a.m.

CVE-2022-35880

2022-10-2000:00:00
CWE-134
talos
raw.githubusercontent.com
1

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.1%

JSON

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicious UPnP service to trigger these vulnerabilities.This vulnerability arises from format string injection via NewInternalClient XML tag, as used within the DoUpdateUPnPbyService action handler.

Related

cve 1
prion 1
talos 1
cve
cve
CVE-2022-35880
2022-10-25 17:15:00
prion
prion
Format string
2022-10-25 17:15:00
talos
talos
Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities
2022-10-20 00:00:00

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.1%

JSON
Related for CVELIST:CVE-2022-35880
cve1prion1talos1