CVE-2013-6949
First published: Sat Feb 22 2014(Updated: )
The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Belkin WeMo Home Automation firmware | =2769 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-6949?
CVE-2013-6949 is classified as a high severity vulnerability due to its potential for remote exploitation.
How do I fix CVE-2013-6949?
To mitigate CVE-2013-6949, update your Belkin WeMo Home Automation firmware to the latest version 3949 or higher.
What devices are affected by CVE-2013-6949?
CVE-2013-6949 affects Belkin WeMo Home Automation firmware versions prior to 3949.
What happens if I am vulnerable to CVE-2013-6949?
If vulnerable to CVE-2013-6949, attackers may hijack connections and potentially gain unauthorized access to your WeMo device.
Is CVE-2013-6949 actively exploited in the wild?
There have been indications that CVE-2013-6949 may be targeted by attackers, emphasizing the importance of applying software updates promptly.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/belkin
- canonical/belkin wemo home automation firmware
- version/belkin wemo home automation firmware/2769