2 matches found
CVE-2017-14452
CVE-2017-14452 affects Insteon Hub (firmware 1012, model 2245-222) via the PubNub control channel. Affected code uses unsafe strcpy on channel_cc_r, channel_ad_r, channel_al, and channel_ak, enabling buffer/overflows that can overwrite data and lead to code execution. Talos reports multiple relat...
Insteon Hub PubNub control Channel Message Handler Code Execution Vulnerabilities(CVE-2017-14452~CVE-2017-14455)
Summary Multiple exploitable buffer overflow vulnerabilities exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary...