An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the URL parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET request to trigger this vulnerability.
References
Link | Resource |
---|---|
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0493 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2018-08-02 12:29
Updated : 2022-12-14 08:15
NVD link : CVE-2017-14444
Mitre link : CVE-2017-14444
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
insteon
- hub_firmware
- hub