CVE-2022-35885
Four format-string injection vulnerabilities exist in Abode Systems iota All-In-One Security Kit web interface (version 6.9Z/6.9X) under /action/wirelessConnect. The issue stems from misusing a device log function as a format string argument (eg. for cmd_buffer constructed from parameters like wp...