Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8515 matches found

Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.5 views

CVE-2022-35884

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacke...

8.2CVSS8.7AI score0.01252EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.23 views

CVE-2022-35884

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacke...

8.2CVSS8.9AI score0.01252EPSS
Exploits1References1
CVE
CVEadded 2022/10/25 4:34 p.m.61 views

CVE-2022-35884

CVE-2022-35884 concerns Abode Systems iota All-In-One Security Kit (versions 6.9Z–6.9X). The vulnerability is a format string injection in the web interface’s /action/wirelessConnect handler, triggered via the ssid_hex parameter in authenticated HTTP requests. The flaw can cause memory corruption...

8.8CVSS8.9AI score0.01252EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.15 views

CVE-2022-35881

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS9AI score0.00792EPSS
Exploits1References1
CVE
CVEadded 2022/10/25 4:34 p.m.64 views

CVE-2022-35881

The CVE-2022-35881 issue affects Abode Systems’ iota All-In-One Security Kit (firmware 6.9Z/6.9X) via UPnP logging format string injections. TALOS details show multiple vulnerable code paths in the UPnP handling where attacker-controlled fields (Location, ST, controlURL, and SOAP responses) are i...

8.8CVSS8.7AI score0.00792EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.11 views

CVE-2022-35881

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS8.8AI score0.00792EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.12 views

CVE-2022-35880

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS8.8AI score0.00792EPSS
Exploits1References1
CVE
CVEadded 2022/10/25 4:34 p.m.67 views

CVE-2022-35880

CVE-2022-35880 concerns Abode Systems iota All-In-One Security Kit (firmware 6.9Z and 6.9X). Talos documents four UPnP logging format-string injection vulnerabilities in the device’s UPnP logging code paths, exploitable via crafted UPnP negotiation responses. The root cause is format-string misus...

8.8CVSS8.7AI score0.00792EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2022/10/25 4:34 p.m.70 views

CVE-2022-35879

Summary (CVE-2022-35879) Abode Systems iota All-In-One Security Kit (versions 6.9Z and 6.9X) contains UPnP logging format-string injection vulnerabilities. Root cause: attacker-controlled data exposed to a vulnerable log() path (via DoEnumUPnPService and DoUpdateUPnPbyService), which uses vsnprin...

8.8CVSS8.7AI score0.00792EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.19 views

CVE-2022-35879

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS9AI score0.00792EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.4 views

CVE-2022-35879

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS8.8AI score0.00792EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.8 views

CVE-2022-35878

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS8.8AI score0.00792EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.15 views

CVE-2022-35878

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS9AI score0.00792EPSS
Exploits1References1
CVE
CVEadded 2022/10/25 4:34 p.m.68 views

CVE-2022-35878

The provided TALOS/NVD entries describe CVE-2022-35878 as four UPnP logging format-string injection vulnerabilities in Abode Systems, Inc. iota All-In-One Security Kit (firmware 6.9Z/6.9X). The root cause is attacker-controlled format string data passed to a vulnerable log function from DoEnumUPn...

8.8CVSS8.7AI score0.00792EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.28 views

CVE-2022-35877

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

8.2CVSS9.7AI score0.00869EPSS
Exploits1References1
CVE
CVEadded 2022/10/25 4:34 p.m.77 views

CVE-2022-35877

Abode Systems iota All-In-One Security Kit (versions 6.9X and 6.9Z) contains four format string injection flaws in the XCMD handler testWifiAP, caused by improper handling of the default_key_id configuration parameter. This leads to memory corruption, information disclosure, and denial of service...

9.8CVSS9.4AI score0.00869EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.5 views

CVE-2022-35877

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

8.2CVSS9.5AI score0.00869EPSS
Exploits1References1
CVE
CVEadded 2022/10/25 4:34 p.m.77 views

CVE-2022-35876

Four format-string injection vulnerabilities exist in Abode Systems, Inc. iota All-In-One Security Kit (firmware 6.9X/6.9Z) within the XCMD testWifiAP path. The root cause is usage of attacker-controlled configuration values (default_key_id and key) in log/command construction for Wi‑Fi setup, en...

9.8CVSS9.4AI score0.00861EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.25 views

CVE-2022-35876

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

8.2CVSS9.7AI score0.00861EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.8 views

CVE-2022-35876

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

8.2CVSS9.5AI score0.00861EPSS
Exploits1References1
Rows per page
Query Builder