VAR-202210-1390
Vulnerability from variot - Updated: 2024-08-14 14:02Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicious UPnP service to trigger these vulnerabilities.This vulnerability arises from format string injection via ST and Location HTTP response headers, as used within the DoEnumUPnPService action handler. Abode Systems, Inc. of Abode iota All-In-One Security Kit A format string vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Abode Iota is a solid DIY home security system from Abode Corporation
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202210-1390",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iota all-in-one security kit",
"scope": "eq",
"trust": 1.0,
"vendor": "goabode",
"version": "6.9z"
},
{
"model": "iota all-in-one security kit",
"scope": "eq",
"trust": 1.0,
"vendor": "goabode",
"version": "6.9x"
},
{
"model": "iota all-in-one security kit",
"scope": "eq",
"trust": 0.8,
"vendor": "abode",
"version": "abode iota all-in-one security kit firmware 6.9z"
},
{
"model": "iota all-in-one security kit",
"scope": "eq",
"trust": 0.8,
"vendor": "abode",
"version": null
},
{
"model": "iota all-in-one security kit",
"scope": "eq",
"trust": 0.8,
"vendor": "abode",
"version": "abode iota all-in-one security kit firmware 6.9x"
},
{
"model": "iota all-in-one security kit",
"scope": null,
"trust": 0.8,
"vendor": "abode",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-019830"
},
{
"db": "NVD",
"id": "CVE-2022-35878"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Matt Wiseman of Cisco Talos.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1488"
}
],
"trust": 0.6
},
"cve": "CVE-2022-35878",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2022-35878",
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-35878",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-35878",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "talos-cna@cisco.com",
"id": "CVE-2022-35878",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2022-35878",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-35878",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202210-1488",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-019830"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1488"
},
{
"db": "NVD",
"id": "CVE-2022-35878"
},
{
"db": "NVD",
"id": "CVE-2022-35878"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicious UPnP service to trigger these vulnerabilities.This vulnerability arises from format string injection via `ST` and `Location` HTTP response headers, as used within the `DoEnumUPnPService` action handler. Abode Systems, Inc. of Abode iota All-In-One Security Kit A format string vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Abode Iota is a solid DIY home security system from Abode Corporation",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-35878"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-019830"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1488"
},
{
"db": "VULHUB",
"id": "VHN-429596"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-35878",
"trust": 3.3
},
{
"db": "TALOS",
"id": "TALOS-2022-1583",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2022-019830",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1488",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-429596",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-429596"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-019830"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1488"
},
{
"db": "NVD",
"id": "CVE-2022-35878"
}
]
},
"id": "VAR-202210-1390",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-429596"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:02:15.409000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-134",
"trust": 1.0
},
{
"problemtype": "Format string problem (CWE-134) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-019830"
},
{
"db": "NVD",
"id": "CVE-2022-35878"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2022-1583"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-35878"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-35878/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-429596"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-019830"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1488"
},
{
"db": "NVD",
"id": "CVE-2022-35878"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-429596"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-019830"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1488"
},
{
"db": "NVD",
"id": "CVE-2022-35878"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-25T00:00:00",
"db": "VULHUB",
"id": "VHN-429596"
},
{
"date": "2023-10-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-019830"
},
{
"date": "2022-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202210-1488"
},
{
"date": "2022-10-25T17:15:54.737000",
"db": "NVD",
"id": "CVE-2022-35878"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-27T00:00:00",
"db": "VULHUB",
"id": "VHN-429596"
},
{
"date": "2023-10-27T08:14:00",
"db": "JVNDB",
"id": "JVNDB-2022-019830"
},
{
"date": "2022-10-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202210-1488"
},
{
"date": "2022-10-27T15:58:32.627000",
"db": "NVD",
"id": "CVE-2022-35878"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1488"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Abode\u00a0Systems,\u00a0Inc.\u00a0 of \u00a0Abode\u00a0iota\u00a0All-In-One\u00a0Security\u00a0Kit\u00a0 Format string vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-019830"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "format string error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1488"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…