|
254691
|
8.8 |
HIGH
Network
|
insteon
|
hub_firmware
|
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-16261
|
2024-11-21 12:16 |
2023-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254692
|
9.9 |
CRITICAL
Network
|
insteon
|
hub_firmware
|
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-16259
|
2024-11-21 12:16 |
2023-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254693
|
9.9 |
CRITICAL
Network
|
insteon
|
hub_firmware
|
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-16258
|
2024-11-21 12:16 |
2023-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254694
|
9.9 |
CRITICAL
Network
|
insteon
|
hub_firmware
|
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-16257
|
2024-11-21 12:16 |
2023-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254695
|
9.9 |
CRITICAL
Network
|
insteon
|
hub_firmware
|
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-16256
|
2024-11-21 12:16 |
2023-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254696
|
7.5 |
HIGH
Network
|
sapphireims
|
sapphireims
|
In SapphireIMS 4097_1, the password in the database is stored in Base64 format.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-16632
|
2024-11-21 12:16 |
2021-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254697
|
6.5 |
MEDIUM
Network
|
sapphireims
|
sapphireims
|
In SapphireIMS 4097_1, a guest user is able to change the password of an administrative user by utilizing an Insecure Direct Object Reference (IDOR) in the "Account Password Reset" functionality.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-16631
|
2024-11-21 12:16 |
2021-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254698
|
8.8 |
HIGH
Network
|
sapphireims
|
sapphireims
|
In SapphireIMS 4097_1, a guest user can create a local administrator account on any system that has SapphireIMS installed, because of an Insecure Direct Object Reference (IDOR) in the local user crea…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-16630
|
2024-11-21 12:16 |
2021-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254699
|
7.5 |
HIGH
Network
|
sapphireims
|
sapphireims
|
In SapphireIMS 4097_1, it is possible to guess the registered/active usernames of the software from the errors it gives out for each type of user on the Login form. For "Incorrect User" - it gives an…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2017-16629
|
2024-11-21 12:16 |
2021-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254700
|
4.6 |
MEDIUM
Physics
|
fermax
|
outdoor_panel_firmware
|
An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow phy…
|
CWE-863
Incorrect Authorization
|
CVE-2017-16778
|
2024-11-21 12:16 |
2019-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
