Talos Insteon vulnerabilities
2 known vulnerabilities affecting talos/insteon.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2017-16252P3HIGHCVSS 8.1vInsteon Hub 2245-222 - Firmware version 10122018-08-06
CVE-2017-16252 [HIGH] CWE-787 CVE-2017-16252: Specially crafted commands sent through the PubNub service in Insteon Hub 2245-222 with firmware ver
Specially crafted commands sent through the PubNub service in Insteon Hub 2245-222 with firmware version 1012 can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability.At 0x9d014cc0 the value for the cmd key is copied using strcpy to the buffer at $sp+0x11c.
nvd
CVE-2017-14447P3HIGHCVSS 7.7vInsteon Hub 2245-222 - Firmware version 10122018-08-06
CVE-2017-14447 [HIGH] CWE-119 CVE-2017-14447: An exploitable buffer overflow vulnerability exists in the PubNub message handler for the 'ad' chann
An exploitable buffer overflow vulnerability exists in the PubNub message handler for the 'ad' channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnera
nvd