2 matches found
CVE-2017-16294
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...
CVE-2017-16294
CVE-2017-16294 concerns Insteon Hub firmware 1012 where the PubNub message handler for channel cc is vulnerable to multiple stack-based buffer overflows. The vulnerable path uses unconstrained strcpy calls to small buffers (e.g., 32-byte buffers) when parsing JSON fields (notably the on key under...