2 matches found
CVE-2022-35887
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacke...
CVE-2022-35887
CVE-2022-35887 affects Abode Systems iota All-In-One Security Kit, versions 6.9Z and 6.9X. The issue stems from format string injection in the web interface’s /action/wirelessConnect handler, via the default_key_id HTTP parameter, leading to memory corruption, information disclosure, and potentia...