CVE-2013-6949

Published: Feb 22, 2014Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device.

Affected (1)

Products: Belkin: Wemo Home Automation Firmware

Belkin

1 product

Wemo Home Automation Firmware

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Belkin Wemo Home Automation Firmware	Version 2769

Related CWEs

CWE-264

References (4)

http://www.ioactive.com/pdfs/IOActive_Belkin-advisory-lite.pdf

Source: cret@cert.org

http://www.kb.cert.org/vuls/id/656302

Source: cret@cert.org

US Government Resource

http://www.ioactive.com/pdfs/IOActive_Belkin-advisory-lite.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/656302

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

Timeline

No history available yet.