Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8491 matches found

Cvelist
Cvelistadded 2022/10/25 4:34 p.m.15 views

CVE-2022-35881

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS9AI score0.00134EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.11 views

CVE-2022-35881

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS8.8AI score0.00134EPSS
Exploits1References1
CVE
CVEadded 2022/10/25 4:34 p.m.63 views

CVE-2022-35880

CVE-2022-35880 concerns Abode Systems iota All-In-One Security Kit (firmware 6.9Z and 6.9X). Talos documents four UPnP logging format-string injection vulnerabilities in the device’s UPnP logging code paths, exploitable via crafted UPnP negotiation responses. The root cause is format-string misus...

8.8CVSS8.7AI score0.00134EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.12 views

CVE-2022-35880

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS8.8AI score0.00134EPSS
Exploits1References1
CVE
CVEadded 2022/10/25 4:34 p.m.68 views

CVE-2022-35879

Summary (CVE-2022-35879) Abode Systems iota All-In-One Security Kit (versions 6.9Z and 6.9X) contains UPnP logging format-string injection vulnerabilities. Root cause: attacker-controlled data exposed to a vulnerable log() path (via DoEnumUPnPService and DoUpdateUPnPbyService), which uses vsnprin...

8.8CVSS8.7AI score0.00134EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.3 views

CVE-2022-35879

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS8.8AI score0.00134EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.14 views

CVE-2022-35879

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS9AI score0.00134EPSS
Exploits1References1
CVE
CVEadded 2022/10/25 4:34 p.m.64 views

CVE-2022-35878

The provided TALOS/NVD entries describe CVE-2022-35878 as four UPnP logging format-string injection vulnerabilities in Abode Systems, Inc. iota All-In-One Security Kit (firmware 6.9Z/6.9X). The root cause is attacker-controlled format string data passed to a vulnerable log function from DoEnumUPn...

8.8CVSS8.7AI score0.00134EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.13 views

CVE-2022-35878

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS9AI score0.00134EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.8 views

CVE-2022-35878

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

7.1CVSS8.8AI score0.00134EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.5 views

CVE-2022-35877

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

8.2CVSS9.5AI score0.00504EPSS
Exploits1References1
CVE
CVEadded 2022/10/25 4:34 p.m.75 views

CVE-2022-35877

Abode Systems iota All-In-One Security Kit (versions 6.9X and 6.9Z) contains four format string injection flaws in the XCMD handler testWifiAP, caused by improper handling of the default_key_id configuration parameter. This leads to memory corruption, information disclosure, and denial of service...

9.8CVSS9.4AI score0.00504EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.18 views

CVE-2022-35877

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

8.2CVSS9.7AI score0.00504EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.15 views

CVE-2022-35876

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

8.2CVSS9.7AI score0.00504EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.7 views

CVE-2022-35876

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

8.2CVSS9.5AI score0.00504EPSS
Exploits1References1
CVE
CVEadded 2022/10/25 4:34 p.m.73 views

CVE-2022-35876

Four format-string injection vulnerabilities exist in Abode Systems, Inc. iota All-In-One Security Kit (firmware 6.9X/6.9Z) within the XCMD testWifiAP path. The root cause is usage of attacker-controlled configuration values (default_key_id and key) in log/command construction for Wi‑Fi setup, en...

9.8CVSS9.4AI score0.00504EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2022/10/25 4:34 p.m.5 views

CVE-2022-35875

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

8.2CVSS9.5AI score0.00504EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.14 views

CVE-2022-35875

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

8.2CVSS9.7AI score0.00504EPSS
Exploits1References1
CVE
CVEadded 2022/10/25 4:34 p.m.57 views

CVE-2022-35875

Abode Systems, Inc. iota All-In-One Security Kit (versions 6.9X and 6.9Z) exposes four format-string injection flaws in the testWifiAP XCMD handler. The root cause is improper use of format strings when logging commands constructed from attacker-supplied Wi‑Fi configuration values (ssid/ssid_hex,...

9.8CVSS9.4AI score0.00504EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/10/25 4:34 p.m.14 views

CVE-2022-35874

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

8.2CVSS9.7AI score0.00504EPSS
Exploits1References1
Rows per page
Query Builder