CVE-2017-14452

Summary

An exploitable buffer overflow vulnerability exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. A strcpy overflows the buffer insteon_pubnub.channel_cc_r, which has a size of 16 bytes. An attacker can send an arbitrarily long "c_r" parameter in order to exploit this vulnerability. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
InsteonInsteon Hub 2245-222Firmware version 1012affected

Weaknesses

  • Classic Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References