2 matches found
CVE-2017-16298
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...
CVE-2017-16298
Insteon Hub (firmware 1012) is affected via the PubNub API channel “cc”. The affected component is the PubNub message handler parsing JSON commands, where several strcpy calls copy unbounded input into fixed-size buffers (e.g., offcmd, oncmd, usr, pwd, etc.). The vulnerability is a stack-based bu...