Hardcoded GPG Key in Belkin WeMo Home Automation Firmware Allows Remote Code Execution

Hardcoded GPG Key in Belkin WeMo Home Automation Firmware Allows Remote Code Execution

CVE-2013-6952 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The Belkin WeMo Home Automation firmware before 3949 has a hardcoded GPG key, which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data.

Learn more about our Web Application Penetration Testing UK.