PT-2020-7420 · Belkin · Belkin Wemo Switch

Daniel Buentello

·

Published

2020-01-28

·

Updated

2020-02-05

·

CVE-2013-2748

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Belkin Wemo Switch versions prior to WeMo US 2.00.2176.PVT
Description: The issue allows remote attackers to upload arbitrary files onto the system.
Recommendations: For versions prior to WeMo US 2.00.2176.PVT, update to WeMo US 2.00.2176.PVT or later to resolve the issue.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2013-2748

Affected Products

Belkin Wemo Switch