Insteon Hub 2245-222 Firmware 1012
Approved changes feed: RSS · Atom
cpe:2.3:o:insteon:hub_2245-222_firmware:1012:*:*:*:*:*:*:*
part: o version: 1012 update: *
| Vendor | Insteon (7b3e838e-214f-5b6e-a9e1-be9bcbb5f079) |
|---|---|
| Product | Hub 2245 222 Firmware (801cbe93-8436-5476-a182-c16a5f50bc3d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-16337 |
vulnerable | 2026-06-08 05:09:00.357295 |
Details available
HIGH (8.5)
On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. At 0x9d01ef24 the value for the s_offset key is copied using strcpy to the buffer at $sp+0x2b0. This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2018-08-23T15:00:00.000Z
Updated: 2024-09-16T18:55:33.214Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-14455 |
vulnerable | 2026-06-08 05:08:49.975950 |
Details available
HIGH (8.5)
On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability. A strcpy overflows the buffer insteon_pubnub.channel_ak, which has a size of 16 bytes. An attacker can send an arbitrarily long "ak" parameter in order to exploit this vulnerability.
Published: 2018-08-23T15:00:00.000Z
Updated: 2024-09-17T00:11:16.184Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-14453 |
vulnerable | 2026-06-08 05:08:49.973900 |
Details available
HIGH (8.5)
On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability. A strcpy overflows the buffer insteon_pubnub.channel_ad_r, which has a size of 16 bytes. An attacker can send an arbitrarily long "ad_r" parameter in order to exploit this vulnerability.
Published: 2018-08-23T15:00:00.000Z
Updated: 2024-09-16T20:47:59.330Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-14443 |
vulnerable | 2026-06-08 05:08:49.961799 |
Details available
CRITICAL (9.6)
An exploitable information leak vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly checks the number of GET parameters supplied, leading to an arbitrarily controlled information leak on the whole device memory. An attacker can send an authenticated HTTP request to trigger this vulnerability.
Published: 2018-09-17T17:00:00.000Z
Updated: 2024-08-05T19:27:40.515Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.