Vulnerabilities > Insteon > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-02 | CVE-2017-16338 | Classic Buffer Overflow vulnerability in Insteon HUB Firmware 1012 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. | 9.9 |
| 2018-08-02 | CVE-2017-14446 | Out-of-bounds Write vulnerability in Insteon HUB Firmware 1012 An exploitable stack-based buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. | 9.9 |
| 2018-08-02 | CVE-2017-14445 | Classic Buffer Overflow vulnerability in Insteon HUB Firmware 1012 An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. | 9.9 |
| 2018-08-02 | CVE-2017-14444 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Insteon HUB Firmware 1012 An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. | 9.9 |
| 2018-06-23 | CVE-2018-12640 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Insteon 2864-222 Firmware The webService binary on Insteon HD IP Camera White 2864-222 devices has a Buffer Overflow via a crafted pid, pwd, or usr key in a GET request on port 34100. | 9.8 |
| 2018-06-23 | CVE-2018-11560 | Out-of-bounds Write vulnerability in Insteon 2864-222 Firmware The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100. | 9.8 |
| 2018-02-22 | CVE-2017-5250 | Insecure Storage of Sensitive Information vulnerability in Insteon for HUB 1.9.7 In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner. | 9.8 |