RSS   Vulnerabilities for
'Crock-pot smart slow cooker with wemo firmware'
   RSS

2019-06-10
 
CVE-2019-12780

CWE-77
 

 
The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. A simple POST request to /upnp/control/basicevent1 can allow an attacker to execute commands without authentication.

 

 >>> Vendor: Belkin 32 Products
F5d5230-4 4-port cable dsl gateway router
F5d6130 wnap
Belkin 54g wireless router
54g wireless router
F5d7230-4
F5d7232-4
Bluetooth software
F5d7231-4
F5d9230-4
F5d7632-4
Wireless g router
N150 wireless router
N300 wireless router
N450 wireless router
N900 wireless router
F5d8236-4-v2
N900
N300
Wemo home automation firmware
F5d8236-4
N150 f9k1009
N150 f9k1009 firmware
F5d8236-4 v2
N900 firmware
N300 firmware
N750 wireless router
N750 wireless router firmware
N300 dual-band wi-fi range extender firmware
N600 db wi-fi dual-band n\+ router f9k1102 firmware
N750 firmware
Wemo insight smart plug firmware
Crock-pot smart slow cooker with wemo firmware


Copyright 2024, cxsecurity.com

 

Back to Top