Vulnerabilities > Insteon > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-12-27 CVE-2013-4859 Incorrect Default Permissions vulnerability in Insteon HUB Firmware 2242222
INSTEON Hub 2242-222 lacks Web and API authentication
network
insteon CWE-276
critical
 9.3
9.3
2018-08-23 CVE-2017-14455 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Insteon HUB 2245-222 Firmware 1012
On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data.
network
low complexity
insteon CWE-119
critical
 9.0
9.0
2018-08-23 CVE-2017-14453 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Insteon HUB 2245-222 Firmware 1012
On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data.
network
low complexity
insteon CWE-119
critical
 9.0
9.0
2018-08-23 CVE-2018-3832 Unrestricted Upload of File with Dangerous Type vulnerability in Insteon HUB 2245-222 Firmware 1013
An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013.
network
low complexity
insteon CWE-434
critical
 9.0
9.0
2018-08-02 CVE-2017-16347 Classic Buffer Overflow vulnerability in Insteon HUB Firmware 1012
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012.
network
low complexity
insteon CWE-120
critical
 9.9
9.9
2018-08-02 CVE-2017-16346 Classic Buffer Overflow vulnerability in Insteon HUB Firmware 1012
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012.
network
low complexity
insteon CWE-120
critical
 9.9
9.9
2018-08-02 CVE-2017-16345 Classic Buffer Overflow vulnerability in Insteon HUB Firmware 1012
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012.
network
low complexity
insteon CWE-120
critical
 9.9
9.9
2018-08-02 CVE-2017-16344 Classic Buffer Overflow vulnerability in Insteon HUB Firmware 1012
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012.
network
low complexity
insteon CWE-120
critical
 9.9
9.9
2018-08-02 CVE-2017-16343 Classic Buffer Overflow vulnerability in Insteon HUB Firmware 1012
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012.
network
low complexity
insteon CWE-120
critical
 9.9
9.9
2018-08-02 CVE-2017-16342 Classic Buffer Overflow vulnerability in Insteon HUB Firmware 1012
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012.
network
low complexity
insteon CWE-120
critical
 9.9
9.9