CVE-2013-6952

Sažetak

The Belkin WeMo Home Automation firmware before 3949 has a hardcoded GPG key, which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data.

Reference

http://www.ioactive.com/pdfs/IOActive_Belkin-advisory-lite.pdf
http://www.kb.cert.org/vuls/id/656302

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

06-03-2014 - 04:49

Objavljeno

22-02-2014 - 21:55