Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
belkin wemo home automation firmware 2769 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2013-6948
The peerAddresses API in the Belkin WeMo Home Automation firmware prior to 3949 allows remote malicious users to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) iss...
Belkin Wemo Home Automation Firmware 2769
9.3
CVSSv2
CVE-2013-6949
The Belkin WeMo Home Automation firmware prior to 3949 does not properly use the STUN and TURN protocols, which allows remote malicious users to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device.
Belkin Wemo Home Automation Firmware 2769
7.1
CVSSv2
CVE-2013-6951
The Belkin WeMo Home Automation firmware prior to 3949 does not maintain a set of Certification Authority public keys, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary X.509 certificate.
Belkin Wemo Home Automation Firmware 2769
10
CVSSv2
CVE-2013-6952
The Belkin WeMo Home Automation firmware prior to 3949 has a hardcoded GPG key, which makes it easier for remote malicious users to spoof firmware updates and execute arbitrary code via crafted signed data.
Belkin Wemo Home Automation Firmware 2769
7.8
CVSSv2
CVE-2013-6950
The Belkin WeMo Home Automation firmware prior to 3949 does not use SSL for the distribution feed, which allows man-in-the-middle malicious users to install arbitrary firmware by spoofing a distribution server.
Belkin Wemo Home Automation Firmware 2769
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started