CVE-2017-14444

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012

Description: A buffer overflow issue exists due to the incorrect handling of the URL parameter during a firmware update request by the HTTP server implementation, leading to a buffer overflow on a global section. An attacker can trigger this issue by sending an HTTP GET request.

Recommendations: For Insteon Hub version 1012, update the firmware to a version that is not affected by this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the firmware update request to minimize the risk of exploitation.