CVE-2017-16253

{"id": "CVE-2017-16253", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2019-03-21T17:29:00.243", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0483", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP request At 0x9d014dd8 the value for the id key is copied using strcpy to the buffer at $sp+0x290. This buffer is 32 bytes large, sending anything longer will cause a buffer overflow."}, {"lang": "es", "value": "Existe una vulnerabilidad explotable de desbordamiento de b\u00fafer en el manejador de mensajes PubNub de Insteon Hub 2245-222, en la versi\u00f3n de firmware 1012, para el canal cc de Insteon Hub que ejecuta la versi\u00f3n 1012 de firmware. Los comandos especialmente manipulados enviados a trav\u00e9s del servicio PubNub pueden provocar un desbordamiento de b\u00fafer basado en pila que sobrescribe datos arbitrarios. Un atacante puede enviar una petici\u00f3n HTTP autenticada en 0x9d014dd8, donde se copia el valor para la clave ID mediante strcpy al b\u00fafer en $sp+0x290. Este b\u00fafer tiene una longitud de 32 bytes; el env\u00edo de algo mayor provocar\u00e1 un desbordamiento de b\u00fafer."}], "lastModified": "2022-12-09T02:33:07.640", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17F98B37-72C0-48A5-A4E2-12327F48327E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:insteon:hub:2245-222:-:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F075DC32-C386-4B3D-88AA-A56D9D4B4E54"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "talos-cna@cisco.com"}