3 matches found
CVE-2022-35878
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...
CVE-2022-35878
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...
CVE-2022-35878
The provided TALOS/NVD entries describe CVE-2022-35878 as four UPnP logging format-string injection vulnerabilities in Abode Systems, Inc. iota All-In-One Security Kit (firmware 6.9Z/6.9X). The root cause is attacker-controlled format string data passed to a vulnerable log function from DoEnumUPn...