CVE-2017-16348

HIGH

Insteon Hub Firmware 1012 - Unauthenticated Denial of Service via UDP Packet

Title source: llm
STIX 2.1

Description

An exploitable denial of service vulnerability exists in Insteon Hub running firmware version 1012. Leftover demo functionality allows for arbitrarily rebooting the device without authentication. An attacker can send a UDP packet to trigger this vulnerability.

References (1)

Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0485

Scores

CVSS v3 7.5
EPSS 0.0173
EPSS Percentile 74.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-287
Status published
Products (1)
insteon/insteon_hub_firmware 1012
Published Aug 23, 2018
Tracked Since Feb 18, 2026