2 matches found
CVE-2017-14455
Affected product: Insteon Hub 2245-222 with firmware 1012. Root cause: unsafe use of strcpy in PubNub control channel handler, overflowing the 16-byte insteon_pubnub.channel_ak buffer and potentially overwriting adjacent data. Impact: remote code execution risk via specially crafted PubNub respon...
Insteon Hub PubNub control Channel Message Handler Code Execution Vulnerabilities(CVE-2017-14452~CVE-2017-14455)
Summary Multiple exploitable buffer overflow vulnerabilities exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary...