CVE-2013-6950 in WeMoinfo

Summary

The Belkin WeMo Home Automation firmware before 3949 does not use SSL for the distribution feed, which allows man-in-the-middle attackers to install arbitrary firmware by spoofing a distribution server.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

12/04/2013

Disclosure

02/22/2014

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
12453Belkin WeMo Distribution Feed cryptographic issue310UnprovenOfficial fixCVE-2013-6950

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!