An exploitable information leak vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly checks the number of GET parameters supplied, leading to an arbitrarily controlled information leak on the whole device memory. An attacker can send an authenticated HTTP request to trigger this vulnerability.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published: 2018-09-17T17:00:00

Updated: 2024-08-05T19:27:40.515Z

Reserved: 2017-09-13T00:00:00

Link: CVE-2017-14443

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2018-09-17T17:29:00.267

Modified: 2022-12-14T16:13:10.983

Link: CVE-2017-14443

cve-icon Redhat

No data.