Vulnerabilities > CVE-2017-16254 - Out-of-bounds Write vulnerability in Insteon HUB Firmware 1012

CVSS 8.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

insteon

CWE-787

NVD

Published: 2019-03-21

Updated: 2022-12-09

Summary

An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP request at 0x9d014e4c the value for the flg key is copied using strcpy to the buffer at $sp+0x270. This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.

Vulnerable Configurations

Part	Description	Count
OS	Insteon Insteon HUB Firmware 1012	1
Hardware	Insteon Insteon HUB 2245-222	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Talos

id	TALOS-2017-0483
last seen	2019-05-29
published	2018-06-19
reporter	Talos Intelligence
source	http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0483
title	Insteon Hub PubNub "cc" Channel Message Handler Multiple Stack Overflow Code Execution Vulnerabilities

References

https://talosintelligence.com/vulnerability_reports/TALOS-2017-0483