CVE-2018-3832
Summary: Insteon Hub with firmware 1013 is vulnerable to an MPFS upload flaw. The HTTP server accepts uploading arbitrary MPFS binaries via /mpfsupload and can trigger unsigned firmware updates via firmware.htm, allowing full firmware flashing with no signature checks. Credentials are required to...