Hub CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-14444	1 Insteon	2 Hub, Hub Firmware	2024-11-21	9.9 Critical
An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the URL parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET request to trigger this vulnerability.
CVE-2017-14443	1 Insteon	2 Hub 2245-222, Hub 2245-222 Firmware	2024-11-21	6.5 Medium
An exploitable information leak vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly checks the number of GET parameters supplied, leading to an arbitrarily controlled information leak on the whole device memory. An attacker can send an authenticated HTTP request to trigger this vulnerability.
CVE-2013-4859	1 Insteon	2 Hub, Hub Firmware	2024-11-21	8.1 High
INSTEON Hub 2242-222 lacks Web and API authentication

« first previous Page 6 of 6.