ID

VAR-202210-1399


CVE

CVE-2022-35885


TITLE

Format string vulnerability in the firmware of the Abode Systems, Inc. Abode iota All-In-One Security Kit

Trust: 0.8

sources: JVNDB: JVNDB-2022-019825

DESCRIPTION

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. This vulnerability arises from format string injection via the `wpapsk_hex` HTTP parameter, as used within the `/action/wirelessConnect` handler. A format string vulnerability exists in the firmware of the Abode Systems, Inc. Abode iota All-In-One Security Kit; it may allow information to be obtained, information to be tampered with, or service operation to be interrupted (DoS). Abode Iota is a DIY home security system from Abode Systems, Inc.

Trust: 2.25

sources: NVD: CVE-2022-35885 // JVNDB: JVNDB-2022-019825 // CNNVD: CNNVD-202210-1471 // VULHUB: VHN-432127
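The following is an added illustration of the CWE-134 pattern the description names, not code from Abode's firmware or from the Talos report. It assumes a hypothetical config-writing helper `cfg_write()` that takes a printf-style format, and a handler that folds the `wpapsk_hex` request parameter into a `psk=` line; the parameter name and the `/action/wirelessConnect` handler are from the advisory, everything else (function names, the 64-hex-digit check for a WPA PSK, the sample inputs) is constructed for the example. The vulnerable builder is only ever fed `"%%"` here so the demonstration stays well-defined; real attacker-chosen directives such as `%n`, `%s` or `%x` would write to or read from the stack, which is the memory corruption and information disclosure the advisory describes.

```c
#include <ctype.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define LINE_MAX 256
#define WPA_PSK_HEX_LEN 64  /* a WPA/WPA2 PSK in hex form is 32 bytes = 64 hex digits */

/* Hypothetical firmware helper (assumption): formats a config line into out.
 * The defect is not here but in a caller that passes untrusted data as fmt. */
static int cfg_write(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n;
}

/* VULNERABLE pattern (CWE-134): the request parameter is embedded in a string
 * that is then used as the format argument, so every '%' the client sent is
 * interpreted by vsnprintf. Only "%%" is used against it in this file. */
int build_psk_line_vulnerable(char *out, size_t outlen, const char *wpapsk_hex)
{
    char line[LINE_MAX];
    snprintf(line, sizeof line, "psk=%s\n", wpapsk_hex); /* this step is fine */
    return cfg_write(out, outlen, line);                  /* BUG: line used as fmt */
}

/* Allow-list validation: exactly 64 hex digits and nothing else, so a '%'
 * is rejected before it can reach any format function. */
int wpapsk_hex_is_valid(const char *s)
{
    if (s == NULL || strlen(s) != WPA_PSK_HEX_LEN)
        return 0;
    for (size_t i = 0; i < WPA_PSK_HEX_LEN; i++)
        if (!isxdigit((unsigned char)s[i]))
            return 0;
    return 1;
}

/* FIXED pattern: validate, then pass the value as an *argument* to a literal
 * format string, never as the format itself. Returns -1 on rejected input. */
int build_psk_line_safe(char *out, size_t outlen, const char *wpapsk_hex)
{
    if (!wpapsk_hex_is_valid(wpapsk_hex))
        return -1;
    return cfg_write(out, outlen, "psk=%s\n", wpapsk_hex);
}

/* Counts conversion directives in a string; "%%" is an escaped percent, not a
 * directive. Usable as a detection indicator on this parameter in access logs. */
int count_format_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { s++; continue; }
        n++;
    }
    return n;
}

int main(void)
{
    char out[LINE_MAX];
    /* constructed sample inputs */
    const char *good = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef";
    const char *bad = "abcd%%";

    build_psk_line_vulnerable(out, sizeof out, bad);
    printf("vulnerable: %s", out); /* "psk=abcd%": the %% was consumed as a directive */
    printf("safe rc=%d\n", build_psk_line_safe(out, sizeof out, bad)); /* -1: rejected */
    build_psk_line_safe(out, sizeof out, good);
    printf("safe: %s", out);
    printf("directives in \"%%n%%n%%x\": %d\n", count_format_directives("%n%n%x"));
    return 0;
}
```

The two builders differ by a single argument position: in the vulnerable one the attacker's bytes are the format, in the fixed one they are a `%s` argument. The allow-list check is the stronger control because it keeps the handler's contract (a hex PSK) independent of which sink the value later reaches.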

AFFECTED PRODUCTS

vendor: goabode, model: iota all-in-one security kit, scope: eq, version: 6.9z

Trust: 1.0

vendor: goabode, model: iota all-in-one security kit, scope: eq, version: 6.9x

Trust: 1.0

vendor: abode, model: iota all-in-one security kit, scope: eq, version: abode iota all-in-one security kit firmware 6.9z

Trust: 0.8

vendor: abode, model: iota all-in-one security kit, scope: eq, version: -

Trust: 0.8

vendor: abode, model: iota all-in-one security kit, scope: eq, version: abode iota all-in-one security kit firmware 6.9x

Trust: 0.8

vendor: abode, model: iota all-in-one security kit, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-019825 // NVD: CVE-2022-35885

CVSS

SEVERITY

CVSSV2

CVSSV3

talos-cna@cisco.com: CVE-2022-35885
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2022-35885
value: HIGH

Trust: 1.0

NVD: CVE-2022-35885
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202210-1471
value: HIGH

Trust: 0.6

talos-cna@cisco.com: CVE-2022-35885
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.2
version: 3.0

Trust: 1.0

nvd@nist.gov: CVE-2022-35885
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-35885
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-019825 // CNNVD: CNNVD-202210-1471 // NVD: CVE-2022-35885

PROBLEMTYPE DATA

problemtype:CWE-134

Trust: 1.0

problemtype:Format string problem (CWE-134) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-019825 // NVD: CVE-2022-35885

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202210-1471

TYPE

format string error

Trust: 0.6

sources: CNNVD: CNNVD-202210-1471

EXTERNAL IDS

db: NVD, id: CVE-2022-35885

Trust: 3.3

db: TALOS, id: TALOS-2022-1585

Trust: 2.5

db: JVNDB, id: JVNDB-2022-019825

Trust: 0.8

db: CNNVD, id: CNNVD-202210-1471

Trust: 0.6

db: VULHUB, id: VHN-432127

Trust: 0.1

sources: VULHUB: VHN-432127 // JVNDB: JVNDB-2022-019825 // CNNVD: CNNVD-202210-1471 // NVD: CVE-2022-35885

REFERENCES

url: https://talosintelligence.com/vulnerability_reports/talos-2022-1585

Trust: 3.1

url: https://nvd.nist.gov/vuln/detail/cve-2022-35885

Trust: 0.8

url: https://cxsecurity.com/cveshow/cve-2022-35885/

Trust: 0.6

sources: VULHUB: VHN-432127 // JVNDB: JVNDB-2022-019825 // CNNVD: CNNVD-202210-1471 // NVD: CVE-2022-35885

CREDITS

Discovered by Matt Wiseman of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-202210-1471

SOURCES

db: VULHUB, id: VHN-432127
db: JVNDB, id: JVNDB-2022-019825
db: CNNVD, id: CNNVD-202210-1471
db: NVD, id: CVE-2022-35885

LAST UPDATE DATE

2024-08-14T14:24:28.935000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-432127, date: 2022-10-27T00:00:00
db: JVNDB, id: JVNDB-2022-019825, date: 2023-10-27T08:13:00
db: CNNVD, id: CNNVD-202210-1471, date: 2022-10-31T00:00:00
db: NVD, id: CVE-2022-35885, date: 2022-10-27T15:18:02.893

SOURCES RELEASE DATE

db: VULHUB, id: VHN-432127, date: 2022-10-25T00:00:00
db: JVNDB, id: JVNDB-2022-019825, date: 2023-10-27T00:00:00
db: CNNVD, id: CNNVD-202210-1471, date: 2022-10-20T00:00:00
db: NVD, id: CVE-2022-35885, date: 2022-10-25T17:15:55.017