Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
home firmware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6948
The peerAddresses API in the Belkin WeMo Home Automation firmware prior to 3949 allows remote malicious users to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) iss...
Belkin Wemo Home Automation Firmware 2769
NA
CVE-2013-6949
The Belkin WeMo Home Automation firmware prior to 3949 does not properly use the STUN and TURN protocols, which allows remote malicious users to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device.
Belkin Wemo Home Automation Firmware 2769
NA
CVE-2013-6950
The Belkin WeMo Home Automation firmware prior to 3949 does not use SSL for the distribution feed, which allows man-in-the-middle malicious users to install arbitrary firmware by spoofing a distribution server.
Belkin Wemo Home Automation Firmware 2769
NA
CVE-2013-6951
The Belkin WeMo Home Automation firmware prior to 3949 does not maintain a set of Certification Authority public keys, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary X.509 certificate.
Belkin Wemo Home Automation Firmware 2769
NA
CVE-2013-6952
The Belkin WeMo Home Automation firmware prior to 3949 has a hardcoded GPG key, which makes it easier for remote malicious users to spoof firmware updates and execute arbitrary code via crafted signed data.
Belkin Wemo Home Automation Firmware 2769
NA
CVE-2001-1426
Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote malicious users to change firmware versions or the device's configurations.
Alcatel Speed Touch Home Khdsaa.133
Alcatel Speed Touch Home Khdsaa.134
Alcatel Speed Touch Home Khdsaa.108
Alcatel Speed Touch Home Khdsaa.132
NA
CVE-2001-1424
Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote malicious users to gain unauthorized access.
Alcatel Speed Touch Home Khdsaa.108
Alcatel Speed Touch Home Khdsaa.132
Alcatel Speed Touch Home Khdsaa.133
Alcatel Speed Touch Home Khdsaa.134
NA
CVE-2001-1425
The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote malicious users to gain privileges by directly computing the response based on information that is provided by the device d...
Alcatel Speed Touch Home Khdsaa.108
Alcatel Speed Touch Home Khdsaa.134
Alcatel Speed Touch Home Khdsaa.132
Alcatel Speed Touch Home Khdsaa.133
6.5
CVSSv3
CVE-2019-17098
Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an malicious user to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. This issue affects: August Connect Wi-Fi Bridge App version v...
August August Home
August Connect Wi-fi Bridge Firmware
NA
CVE-2001-1484
Alcatel ADSL modems allow remote malicious users to access the Trivial File Transfer Protocol (TFTP) to modify firmware and configuration via a bounce attack from a system on the local area network (LAN) side, which is allowed to access TFTP without authentication.
Alcatel Speed Touch Adsl Modem Home
Alcatel Adsl Modem 1000
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »