CVE-2022-35878

Name of the Vulnerable Software and Affected Versions Abode Systems, Inc. iota All-In-One Security Kit versions 6.9Z and 6.9X

Description The issue arises from format string injection vulnerabilities in the UPnP logging functionality. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicious UPnP service to trigger these vulnerabilities, which are caused by format string injection via ST and Location HTTP response headers in the DoEnumUPnPService action handler.

Recommendations For versions 6.9Z and 6.9X, consider restricting access to the UPnP logging functionality until a patch is available. As a temporary workaround, avoid using the DoEnumUPnPService action handler to minimize the risk of exploitation. Restrict the use of ST and Location HTTP response headers in the UPnP negotiation process to prevent format string injection attacks.