Sign-up

ID

VAR-201808-0145


CVE

CVE-2017-16252


TITLE

Insteon Hub 2245-222 Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-014192

DESCRIPTION

Specially crafted commands sent through the PubNub service in Insteon Hub 2245-222 with firmware version 1012 can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability.At 0x9d014cc0 the value for the cmd key is copied using strcpy to the buffer at $sp+0x11c. This buffer is 20 bytes large, sending anything longer will cause a buffer overflow. Insteon Hub 2245-222 Contains a buffer error vulnerability.Information may be tampered with. InsteonHub is an Insteon central controller from Insteon, USA. This product can remotely control light bulbs, wall switches, air conditioners, etc. in the home. Insteon Hub is an Insteon central controller product of Insteon Company in the United States

Trust: 2.25

sources: NVD: CVE-2017-16252 // JVNDB: JVNDB-2017-014192 // CNVD: CNVD-2018-16483 // VULHUB: VHN-107156

IOT TAXONOMY

category:['Network device']sub_category:Gateway / Hub: Open Ecosystem

Trust: 0.6

category:['home & office device']sub_category:smart home device

Trust: 0.1

category:['home & office device']sub_category:smart home controller

Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2018-16483

AFFECTED PRODUCTS

vendor:insteonmodel:hubscope:eqversion:1012

Trust: 2.4

vendor:insteonmodel:hubscope:eqversion:2245-222

Trust: 0.6

sources: CNVD: CNVD-2018-16483 // JVNDB: JVNDB-2017-014192 // CNNVD: CNNVD-201711-174 // NVD: CVE-2017-16252

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-16252
value: HIGH

Trust: 1.0

talos-cna@cisco.com: CVE-2017-16252
value: HIGH

Trust: 1.0

NVD: CVE-2017-16252
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2018-16483
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201711-174
value: HIGH

Trust: 0.6

VULHUB: VHN-107156
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-16252
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-16483
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-107156
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-16252
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.2
version: 3.1

Trust: 1.0

talos-cna@cisco.com: CVE-2017-16252
baseSeverity: HIGH
baseScore: 8.5
vectorString: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 6.0
version: 3.0

Trust: 1.0

NVD: CVE-2017-16252
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2018-16483 // VULHUB: VHN-107156 // JVNDB: JVNDB-2017-014192 // CNNVD: CNNVD-201711-174 // NVD: CVE-2017-16252 // NVD: CVE-2017-16252

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:CWE-119

Trust: 0.9

sources: VULHUB: VHN-107156 // JVNDB: JVNDB-2017-014192 // NVD: CVE-2017-16252

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201711-174

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201711-174

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-014192

PATCH
title:Top Pageurl:https://www.insteon.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2017-014192

EXTERNAL IDS
db:NVDid:CVE-2017-16252
Trust: 3.2
db:TALOSid:TALOS-2017-0483
Trust: 2.5
db:JVNDBid:JVNDB-2017-014192
Trust: 0.8
db:CNNVDid:CNNVD-201711-174
Trust: 0.7
db:CNVDid:CNVD-2018-16483
Trust: 0.6
db:OTHERid:NONE
Trust: 0.1
db:VULHUBid:VHN-107156
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2018-16483 // 
            
            
            
            VULHUB: VHN-107156 // 
            
            
            
            JVNDB: JVNDB-2017-014192 // 
            
            
            
            CNNVD: CNNVD-201711-174 // 
            
            
            
            NVD: CVE-2017-16252

REFERENCES
url:https://www.talosintelligence.com/vulnerability_reports/talos-2017-0483
Trust: 2.5
url:https://nvd.nist.gov/vuln/detail/cve-2017-16252
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16252
Trust: 0.8
url:https://talosintelligence.com/vulnerability_reports/talos-2017-0483
Trust: 0.6
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2018-16483 // 
            
            
            
            VULHUB: VHN-107156 // 
            
            
            
            JVNDB: JVNDB-2017-014192 // 
            
            
            
            CNNVD: CNNVD-201711-174 // 
            
            
            
            NVD: CVE-2017-16252

CREDITS
Discovered by Claudio Bozzato of Cisco Talos.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201711-174

SOURCES
db:OTHERid: - 
db:CNVDid:CNVD-2018-16483
db:VULHUBid:VHN-107156
db:JVNDBid:JVNDB-2017-014192
db:CNNVDid:CNNVD-201711-174
db:NVDid:CVE-2017-16252

LAST UPDATE DATE
2025-01-30T20:03:35.466000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-16483date:2018-08-28T00:00:00
db:VULHUBid:VHN-107156date:2022-12-09T00:00:00
db:JVNDBid:JVNDB-2017-014192date:2018-11-12T00:00:00
db:CNNVDid:CNNVD-201711-174date:2022-12-12T00:00:00
db:NVDid:CVE-2017-16252date:2024-11-21T03:16:06.857

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-16483date:2018-08-28T00:00:00
db:VULHUBid:VHN-107156date:2018-08-06T00:00:00
db:JVNDBid:JVNDB-2017-014192date:2018-11-12T00:00:00
db:CNNVDid:CNNVD-201711-174date:2017-10-31T00:00:00
db:NVDid:CVE-2017-16252date:2018-08-06T21:29:00.237