Insecure Firmware Distribution in Belkin WeMo Home Automation Devices

Insecure Firmware Distribution in Belkin WeMo Home Automation Devices

CVE-2013-6950 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:N/A:N

The Belkin WeMo Home Automation firmware before 3949 does not use SSL for the distribution feed, which allows man-in-the-middle attackers to install arbitrary firmware by spoofing a distribution server.

Learn more about our Cis Benchmark Audit For Server Software.