Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
belkin wemo home automation firmware 2769 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2013-6948
The peerAddresses API in the Belkin WeMo Home Automation firmware prior to 3949 allows remote malicious users to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) iss...
Belkin Wemo Home Automation Firmware 2769
9.3
CVSSv2
CVE-2013-6949
The Belkin WeMo Home Automation firmware prior to 3949 does not properly use the STUN and TURN protocols, which allows remote malicious users to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device.
Belkin Wemo Home Automation Firmware 2769
7.8
CVSSv2
CVE-2013-6950
The Belkin WeMo Home Automation firmware prior to 3949 does not use SSL for the distribution feed, which allows man-in-the-middle malicious users to install arbitrary firmware by spoofing a distribution server.
Belkin Wemo Home Automation Firmware 2769
7.1
CVSSv2
CVE-2013-6951
The Belkin WeMo Home Automation firmware prior to 3949 does not maintain a set of Certification Authority public keys, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary X.509 certificate.
Belkin Wemo Home Automation Firmware 2769
10
CVSSv2
CVE-2013-6952
The Belkin WeMo Home Automation firmware prior to 3949 has a hardcoded GPG key, which makes it easier for remote malicious users to spoof firmware updates and execute arbitrary code via crafted signed data.
Belkin Wemo Home Automation Firmware 2769
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
Vulmon