3 matches found
CVE-2022-35876
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...
CVE-2022-35876
Four format-string injection vulnerabilities exist in Abode Systems, Inc. iota All-In-One Security Kit (firmware 6.9X/6.9Z) within the XCMD testWifiAP path. The root cause is usage of attacker-controlled configuration values (default_key_id and key) in log/command construction for Wi‑Fi setup, en...
CVE-2022-35876
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...