Multiple exploitable buffer overflow vulnerabilities...
Critical severity
Unreviewed
Published
Jan 12, 2023
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Jan 11, 2023
Published to the GitHub Advisory Database
Jan 12, 2023
Last updated
Jan 27, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01c898, the value for the
g_meta_page
key is copied usingstrcpy
to the buffer at$sp+0x2b0
.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.References