module
Belkin Wemo UPnP Remote Code Execution
| Disclosed |
|---|
| Apr 4, 2014 |
Disclosed
Apr 4, 2014
Description
This module exploits a command injection in the Belkin Wemo UPnP API via
the SmartDevURL argument to the SetSmartDevInfo action.
This module has been tested on a Wemo-enabled Crock-Pot, but other Wemo
devices are known to be affected, albeit on a different RPORT (49153).
the SmartDevURL argument to the SetSmartDevInfo action.
This module has been tested on a Wemo-enabled Crock-Pot, but other Wemo
devices are known to be affected, albeit on a different RPORT (49153).
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.