CVE-2017-16288
CVE-2017-16288 affects Insteon Hub (firmware 1012) via the PubNub Pub/Sub handler on channel “cc.” The vulnerable code uses strcpy to copy JSON fields (e.g., dst, usr, pwd, cmd) into fixed-size stack buffers, enabling stack-based buffer overflows. This can overwrite data and is triggered by an au...