CVE-2017-5250

EPSS 0.7%CWE-922

In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.

Affected products

Insteon · Insteon for Hub

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://blog.rapid7.com/2017/09/22/multiple-vulnerabilities-in-wink-and-insteon-smart-home-systems/