CVE-2017-16340

2018-08-0219:00:00

talos

www.cve.org

CVSS3

8.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.001

Percentile

41.7%

JSON

An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c0e8 the value for the s_dport key is copied using strcpy to the buffer at 0xa000180c. This buffer is 6 bytes large, sending anything longer will cause a buffer overflow.

CNA Affected

[
  {
    "product": "Insteon",
    "vendor": "Insteon",
    "versions": [
      {
        "status": "affected",
        "version": "Insteon Hub 2245-222 - Firmware version 1012"
      }
    ]
  }
]