CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-6948

The peerAddresses API in the Belkin WeMo Home Automation firmware before 3949 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.7%

CVSS Severity

CVSS v2 Score 7.8

References

http://www.ioactive.com/pdfs/IOActive_Belkin-advisory-lite.pdf
http://www.kb.cert.org/vuls/id/656302
http://www.ioactive.com/pdfs/IOActive_Belkin-advisory-lite.pdf
http://www.kb.cert.org/vuls/id/656302

Products affected by CVE-2013-6948

Belkin » Wemo Home Automation Firmware » Version: 2769

cpe:2.3:a:belkin:wemo_home_automation_firmware:2769

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-6948

Products

Pricing

Contact Us