3 matches found
CVE-2022-35880
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...
CVE-2022-35880
CVE-2022-35880 concerns Abode Systems iota All-In-One Security Kit (firmware 6.9Z and 6.9X). Talos documents four UPnP logging format-string injection vulnerabilities in the device’s UPnP logging code paths, exploitable via crafted UPnP negotiation responses. The root cause is format-string misus...
CVE-2022-35880
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...