CVE-2017-14447

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012

Description: A buffer overflow issue exists in the PubNub message handler for the 'ad' channel, allowing specially crafted commands sent through the PubNub service to cause a stack-based buffer overflow, potentially overwriting arbitrary data. This can be triggered by sending an authenticated HTTP request.

Recommendations: For Insteon Hub version 1012, consider restricting access to the PubNub service until a patch is available. As a temporary workaround, avoid using the 'ad' channel to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.