VYPR
Critical severity9.9NVD Advisory· Published Aug 2, 2018· Updated Jun 17, 2026

CVE-2017-16345

CVE-2017-16345

Description

An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c318 the value for the s_port key is copied using strcpy to the buffer at 0xa00017f4. This buffer is 6 bytes large, sending anything longer will cause a buffer overflow. The destination can also be shifted by using an sn_speaker parameter between "0" and "3".

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Insteon/Hubllm-fuzzy2 versions
    =1012+ 1 more
    • (no CPE)range: =1012
    • (no CPE)range: Insteon Hub 2245-222 - Firmware version 1012

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.

CVE-2017-16345 · Critical · VYPR