2 matches found
CVE-2017-14444
CVE-2017-14444 describes a buffer overflow in Insteon Hub firmware 1012 triggered by the HTTPUpdate URL parameter during a firmware update request. The vulnerability arises in the HTTP server’s handling of GET parameters in HTTPExecuteGet, with a parameter (update URL) copied via strcpy, potentia...
Insteon Hub HTTPExecuteGet Firmware Update URL Parameter Code Execution Vulnerability(CVE-2017-14444)
Summary An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the URL parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET reque...