The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device.
References
Link | Resource |
---|---|
http://www.ioactive.com/pdfs/IOActive_Belkin-advisory-lite.pdf | |
http://www.kb.cert.org/vuls/id/656302 | US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2014-02-22T21:00:00
Updated: 2014-02-24T05:57:03
Reserved: 2013-12-04T00:00:00
Link: CVE-2013-6949
JSON object: View
NVD Information
Status : Modified
Published: 2014-02-22T21:55:09.233
Modified: 2014-03-06T04:49:56.487
Link: CVE-2013-6949
JSON object: View
Redhat Information
No data.
CWE