Vulnerabilities > Use of Externally-Controlled Format String

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-35875 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
critical
 9.8
9.8
2022-10-25 CVE-2022-35876 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
critical
 9.8
9.8
2022-10-25 CVE-2022-35877 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
critical
 9.8
9.8
2022-10-25 CVE-2022-35878 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc.
low complexity
goabode CWE-134
8.8
8.8
2022-10-25 CVE-2022-35879 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc.
low complexity
goabode CWE-134
8.8
8.8
2022-10-25 CVE-2022-35880 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc.
low complexity
goabode CWE-134
8.8
8.8
2022-10-25 CVE-2022-35881 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc.
low complexity
goabode CWE-134
8.8
8.8
2022-10-25 CVE-2022-35884 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
8.8
8.8
2022-10-25 CVE-2022-35885 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
8.8
8.8
2022-10-25 CVE-2022-35886 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
8.8
8.8