ID

VAR-202210-1396


CVE

CVE-2022-35886


TITLE

Abode Systems, Inc. Abode iota All-In-One Security Kit: format string vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2022-019824

DESCRIPTION

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. This vulnerability arises from format string injection via the `default_key_id` and `key` HTTP parameters, as used within the `/action/wirelessConnect` handler. A format string vulnerability exists in the firmware of the Abode Systems, Inc. Abode iota All-In-One Security Kit; it may allow information to be obtained, information to be tampered with, and service operation to be interrupted (DoS). Abode Iota is a solid DIY home security system from Abode Corporation.

Trust: 2.25

sources: NVD: CVE-2022-35886 // JVNDB: JVNDB-2022-019824 // CNNVD: CNNVD-202210-1473 // VULHUB: VHN-432128

AFFECTED PRODUCTS

vendor: goabode
model: iota all-in-one security kit
scope: eq
version: 6.9z

Trust: 1.0

vendor: goabode
model: iota all-in-one security kit
scope: eq
version: 6.9x

Trust: 1.0

vendor: abode
model: iota all-in-one security kit
scope: eq
version: abode iota all-in-one security kit firmware 6.9z

Trust: 0.8

vendor: abode
model: iota all-in-one security kit
scope: eq
version: -

Trust: 0.8

vendor: abode
model: iota all-in-one security kit
scope: eq
version: abode iota all-in-one security kit firmware 6.9x

Trust: 0.8

vendor: abode
model: iota all-in-one security kit
scope: -
version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-019824 // NVD: CVE-2022-35886

CVSS

SEVERITY

CVSSV2

CVSSV3

talos-cna@cisco.com: CVE-2022-35886
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2022-35886
value: HIGH

Trust: 1.0

NVD: CVE-2022-35886
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202210-1473
value: HIGH

Trust: 0.6

talos-cna@cisco.com: CVE-2022-35886
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.2
version: 3.0

Trust: 1.0

nvd@nist.gov: CVE-2022-35886
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-35886
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-019824 // CNNVD: CNNVD-202210-1473 // NVD: CVE-2022-35886 // NVD: CVE-2022-35886

PROBLEMTYPE DATA

problemtype: CWE-134

Trust: 1.0

problemtype: Format string problem (CWE-134) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-019824 // NVD: CVE-2022-35886

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202210-1473

TYPE

format string error

Trust: 0.6

sources: CNNVD: CNNVD-202210-1473

EXTERNAL IDS

db: NVD, id: CVE-2022-35886

Trust: 3.3

db: TALOS, id: TALOS-2022-1585

Trust: 2.5

db: JVNDB, id: JVNDB-2022-019824

Trust: 0.8

db: CNNVD, id: CNNVD-202210-1473

Trust: 0.6

db: VULHUB, id: VHN-432128

Trust: 0.1

sources: VULHUB: VHN-432128 // JVNDB: JVNDB-2022-019824 // CNNVD: CNNVD-202210-1473 // NVD: CVE-2022-35886

REFERENCES

url: https://talosintelligence.com/vulnerability_reports/talos-2022-1585

Trust: 3.1

url: https://nvd.nist.gov/vuln/detail/cve-2022-35886

Trust: 0.8

url: https://cxsecurity.com/cveshow/cve-2022-35886/

Trust: 0.6

sources: VULHUB: VHN-432128 // JVNDB: JVNDB-2022-019824 // CNNVD: CNNVD-202210-1473 // NVD: CVE-2022-35886

CREDITS

Discovered by Matt Wiseman of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-202210-1473

SOURCES

db: VULHUB, id: VHN-432128
db: JVNDB, id: JVNDB-2022-019824
db: CNNVD, id: CNNVD-202210-1473
db: NVD, id: CVE-2022-35886

LAST UPDATE DATE

2024-08-14T14:24:29.009000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-432128, date: 2022-10-27T00:00:00
db: JVNDB, id: JVNDB-2022-019824, date: 2023-10-27T08:13:00
db: CNNVD, id: CNNVD-202210-1473, date: 2022-10-31T00:00:00
db: NVD, id: CVE-2022-35886, date: 2022-10-27T15:18:06.890

SOURCES RELEASE DATE

db: VULHUB, id: VHN-432128, date: 2022-10-25T00:00:00
db: JVNDB, id: JVNDB-2022-019824, date: 2023-10-27T00:00:00
db: CNNVD, id: CNNVD-202210-1473, date: 2022-10-20T00:00:00
db: NVD, id: CVE-2022-35886, date: 2022-10-25T17:15:55.080