cbcvebase.

Insteon Hub Firmware vulnerabilities

97 known vulnerabilities affecting insteon/hub_firmware.

Total CVEs
97
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL87HIGH10

Vulnerabilities

Page 5 of 5
CVE-2017-16277P3CRITICALCVSS 9.9v10122023-01-11
CVE-2017-16277 [CRITICAL] CWE-121 CVE-2017-16277: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger t
nvd
CVE-2017-16287P3CRITICALCVSS 9.9v10122023-01-11
CVE-2017-16287 [CRITICAL] CWE-121 CVE-2017-16287: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger t
nvd
CVE-2017-16282P3CRITICALCVSS 9.9v10122023-01-11
CVE-2017-16282 [CRITICAL] CWE-121 CVE-2017-16282: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger t
nvd
CVE-2017-16276P3CRITICALCVSS 9.9v10122023-01-11
CVE-2017-16276 [CRITICAL] CWE-121 CVE-2017-16276: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger t
nvd
CVE-2017-16271P3CRITICALCVSS 9.9v10122023-01-11
CVE-2017-16271 [CRITICAL] CWE-121 CVE-2017-16271: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger t
nvd
CVE-2017-16286P3CRITICALCVSS 9.9v10122023-01-11
CVE-2017-16286 [CRITICAL] CWE-121 CVE-2017-16286: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger t
nvd
CVE-2017-16272P3CRITICALCVSS 9.9v10122023-01-11
CVE-2017-16272 [CRITICAL] CWE-121 CVE-2017-16272: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger t
nvd
CVE-2017-16275P3CRITICALCVSS 9.9v10122023-01-11
CVE-2017-16275 [CRITICAL] CWE-121 CVE-2017-16275: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger t
nvd
CVE-2017-16274P3CRITICALCVSS 9.9v10122023-01-11
CVE-2017-16274 [CRITICAL] CWE-121 CVE-2017-16274: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger t
nvd
CVE-2017-16319P3CRITICALCVSS 9.9v10122023-01-11
CVE-2017-16319 [CRITICAL] CWE-121 CVE-2017-16319: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger t
nvd
CVE-2017-14446P3CRITICALCVSS 9.9v10122018-08-02
CVE-2017-14446 [CRITICAL] CWE-787 CVE-2017-14446: An exploitable stack-based buffer overflow vulnerability exists in Insteon Hub running firmware vers An exploitable stack-based buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation unsafely extracts parameters from the query string, leading to a buffer overflow on the stack. An attacker can send an HTTP GET request to trigger this vulnerability.
nvd
CVE-2017-16252P3HIGHCVSS 8.1v10122018-08-06
CVE-2017-16252 [HIGH] CWE-787 CVE-2017-16252: Specially crafted commands sent through the PubNub service in Insteon Hub 2245-222 with firmware ver Specially crafted commands sent through the PubNub service in Insteon Hub 2245-222 with firmware version 1012 can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability.At 0x9d014cc0 the value for the cmd key is copied using strcpy to the buffer at $sp+0x11c.
nvd
CVE-2017-16255P3HIGHCVSS 8.1v10122019-03-21
CVE-2017-16255 [HIGH] CWE-120 CVE-2017-16255: An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-2 An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP request at At 0x9d014e84 the value for the cmd1 key is
nvd
CVE-2017-16254P3HIGHCVSS 8.1v10122019-03-21
CVE-2017-16254 [HIGH] CWE-787 CVE-2017-16254: An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-2 An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP request at 0x9d014e4c the value for the flg key is copi
nvd
CVE-2017-16253P3HIGHCVSS 8.1v10122019-03-21
CVE-2017-16253 [HIGH] CWE-787 CVE-2017-16253: An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-2 An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authentica
nvd
CVE-2017-14447P3HIGHCVSS 7.7v10122018-08-06
CVE-2017-14447 [HIGH] CWE-119 CVE-2017-14447: An exploitable buffer overflow vulnerability exists in the PubNub message handler for the 'ad' chann An exploitable buffer overflow vulnerability exists in the PubNub message handler for the 'ad' channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnera
nvd
CVE-2018-3834P3HIGHCVSS 7.4v10132018-08-02
CVE-2018-3834 [HIGH] CWE-346 CVE-2018-3834: An exploitable permanent denial of service vulnerability exists in Insteon Hub running firmware vers An exploitable permanent denial of service vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using plain HTTP requests. The device doesn't check the kind of firmware image that is going to be installed and thus allows for flashing any signed fir
nvd
Insteon Hub Firmware vulnerabilities | cvebase