Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-6949

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2013-6949
Last Modified 05 Mar 2014 11:49:56
Published 22 Feb 2014 04:55:09
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-6949

Summary

The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device.

Vulnerable Systems

Application

  • Belkin Wemo Home Automation Firmware 2769


References

CERT-VN - VU#656302

MISC - http://www.ioactive.com/pdfs/IOActive_Belkin-advisory-lite.pdf


Last Updated: 27 May 2016 11:03:22