CVE-2017-5251

HIGH

Insteon Hub <1012 - Info Disclosure

Title source: llm

Description

In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for communication between the hub and connected devices are not encrypted.

References (1)

[Third Party Advisory] https://blog.rapid7.com/2017/09/22/multiple-vulnerabilities-in-wink-and-insteon-smart-home-systems/

Scores

CVSS v3 8.1

EPSS 0.0016

EPSS Percentile 36.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-294 CWE-311

Status published

Products (1)

insteon/insteon_hub_firmware < 1012

Published Feb 22, 2018

Tracked Since Feb 18, 2026