Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability. A strcpy overflows the buffer insteon_pubnub.channel_ak, which has a size of 16 bytes. An attacker can send an arbitrarily long "ak" parameter in order to exploit this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Insteon Hub 2245-222 缓冲区错误漏洞
Vulnerability Description
Insteon Hub 2245-222是美国Insteon公司的一款Insteon中央控制器设备。该产品可远程控制家中的灯泡、墙壁开关、空调等。 使用1012版本固件的Insteon Hub 2245-222中存在缓冲区溢出漏洞。攻击者可通过发送任意长度的‘ak’参数利用该漏洞覆盖任意数据,执行代码或造成设备崩溃。
CVSS Information
N/A
Vulnerability Type
N/A