2 matches found
CVE-2017-16258
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...
CVE-2017-16258
TALOS and related sources describe Insteon Hub (firmware 1012) PubNub PubNub channel “cc” vulnerabilities as multiple stack-based buffer overflows caused by unbounded strcpy into small buffers when processing JSON commands (e.g., cmd sn_sx, cmd4; s_auth usr/pwd). Attacker must authenticate and se...