Insteon Hub

CVEs (16)

CVE	Vendor / Product	Risk	CVSS	EPSS	Published	Description
CVE-2013-4859	Insteon Insteon Hub	0.04	—	0.09	Dec 27, 2019	INSTEON Hub 2242-222 lacks Web and API authentication
CVE-2017-16332	Insteon Hub	0.00	—	0.00	Jan 11, 2023	Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary…
CVE-2017-16328	Insteon Hub	0.00	—	0.00	Jan 11, 2023	Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary…
CVE-2017-16311	Insteon Hub	0.00	—	0.00	Jan 11, 2023	Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary…
CVE-2017-16287	Insteon Hub	0.00	—	0.00	Jan 11, 2023	Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary…
CVE-2017-16255	Insteon Insteon Hub	0.00	—	0.01	Mar 21, 2019	An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an…
CVE-2017-16254	Insteon Insteon Hub	0.00	—	0.01	Mar 21, 2019	An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an…
CVE-2017-16253	Insteon Insteon Hub	0.00	—	0.01	Mar 21, 2019	An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based…
CVE-2017-14443	Insteon Insteon Hub	0.00	—	0.01	Sep 17, 2018	An exploitable information leak vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly checks the number of GET parameters supplied, leading to an arbitrarily controlled information leak on the whole device memory. An…
CVE-2017-16337	Insteon Insteon Hub	0.00	—	0.01	Aug 23, 2018	On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. At…
CVE-2017-14453	Insteon Insteon Hub	0.00	—	0.01	Aug 23, 2018	On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this…
CVE-2017-14455	Insteon Insteon Hub	0.00	—	0.01	Aug 23, 2018	On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this…
CVE-2017-16252	Insteon Insteon Hub	0.00	—	0.01	Aug 6, 2018	Specially crafted commands sent through the PubNub service in Insteon Hub 2245-222 with firmware version 1012 can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability.At 0x9d014cc0 the…
CVE-2018-12640	Insteon Insteon Hub	0.00	—	0.00	Jun 23, 2018	The webService binary on Insteon HD IP Camera White 2864-222 devices has a Buffer Overflow via a crafted pid, pwd, or usr key in a GET request on port 34100.
CVE-2017-5250	Insteon Insteon Hub	0.00	—	0.00	Feb 22, 2018	In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.
CVE-2017-5251	Insteon Insteon Hub	0.00	—	0.00	Feb 22, 2018	In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for communication between the hub and connected devices are not encrypted.

CVE-2013-4859Dec 27, 2019
Insteon
Insteon Hub
risk 0.04cvss —epss 0.09
INSTEON Hub 2242-222 lacks Web and API authentication
CVE-2017-16332Jan 11, 2023
Insteon
Hub
risk 0.00cvss —epss 0.00
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary…
CVE-2017-16328Jan 11, 2023
Insteon
Hub
risk 0.00cvss —epss 0.00
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary…
CVE-2017-16311Jan 11, 2023
Insteon
Hub
risk 0.00cvss —epss 0.00
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary…
CVE-2017-16287Jan 11, 2023
Insteon
Hub
risk 0.00cvss —epss 0.00
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary…
CVE-2017-16255Mar 21, 2019
Insteon
Insteon Hub
risk 0.00cvss —epss 0.01
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an…
CVE-2017-16254Mar 21, 2019
Insteon
Insteon Hub
risk 0.00cvss —epss 0.01
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an…
CVE-2017-16253Mar 21, 2019
Insteon
Insteon Hub
risk 0.00cvss —epss 0.01
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based…
CVE-2017-14443Sep 17, 2018
Insteon
Insteon Hub
risk 0.00cvss —epss 0.01
An exploitable information leak vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly checks the number of GET parameters supplied, leading to an arbitrarily controlled information leak on the whole device memory. An…
CVE-2017-16337Aug 23, 2018
Insteon
Insteon Hub
risk 0.00cvss —epss 0.01
On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. At…
CVE-2017-14453Aug 23, 2018
Insteon
Insteon Hub
risk 0.00cvss —epss 0.01
On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this…
CVE-2017-14455Aug 23, 2018
Insteon
Insteon Hub
risk 0.00cvss —epss 0.01
On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this…
CVE-2017-16252Aug 6, 2018
Insteon
Insteon Hub
risk 0.00cvss —epss 0.01
Specially crafted commands sent through the PubNub service in Insteon Hub 2245-222 with firmware version 1012 can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability.At 0x9d014cc0 the…
CVE-2018-12640Jun 23, 2018
Insteon
Insteon Hub
risk 0.00cvss —epss 0.00
The webService binary on Insteon HD IP Camera White 2864-222 devices has a Buffer Overflow via a crafted pid, pwd, or usr key in a GET request on port 34100.
CVE-2017-5250Feb 22, 2018
Insteon
Insteon Hub
risk 0.00cvss —epss 0.00
In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.
CVE-2017-5251Feb 22, 2018
Insteon
Insteon Hub
risk 0.00cvss —epss 0.00
In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for communication between the hub and connected devices are not encrypted.