VYPR
High severity8.5NVD Advisory· Published Jan 12, 2023· Updated Jun 17, 2026

CVE-2017-14454

CVE-2017-14454

Description

Multiple exploitable buffer overflow vulnerabilities exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability. The strcpy at [18] overflows the buffer insteon_pubnub.channel_al, which has a size of 16 bytes.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Insteon/Hubllm-fuzzy2 versions
    = 1012+ 1 more
    • (no CPE)range: = 1012
    • (no CPE)range: Not specified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.