CVE-2017-16341

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012

Description: An attacker could send an authenticated HTTP request to trigger this issue in the Insteon Hub. The value for the s vol play key is copied using strcpy to a buffer, which is maximum 8 bytes large. Sending a value longer than this will cause a buffer overflow.

Recommendations: For Insteon Hub version 1012, as a temporary workaround, consider restricting access to the s vol play key to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.