CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-17532

An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS devices. They allow remote attackers to cause a denial of service (persistent rules-processing outage) via a crafted ruleDbBody element in a StoreRules request to the upnp/control/rules1 URI, because database corruption occurs.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.8

References

https://github.com/badnack/wemo_dos
https://github.com/badnack/wemo_dos

Products affected by CVE-2019-17532

Belkin » Wemo Switch 28b » Version: N/A

cpe:2.3:h:belkin:wemo_switch_28b:-
Belkin » Wemo Switch 28b Firmware » Version: wemo_ww_2.00.11057.pvt-owrt-sns

cpe:2.3:o:belkin:wemo_switch_28b_firmware:wemo_ww_2.00.11057.pvt-owrt-sns

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-17532

Products

Pricing

Contact Us