Vulnerability Details CVE-2023-33768
Incorrect signature verification of the firmware during the Device Firmware Update process of Belkin Wemo Smart Plug WSP080 v1.2 allows attackers to cause a Denial of Service (DoS) via a crafted firmware file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 80.7%
CVSS Severity
CVSS v3 Score 6.5
References
- https://github.com/purseclab/CVE-2023-33768
- https://play.google.com/store/apps/details?id=com.belkin.wemoandroid&hl=en_US&gl=US
- https://www.amazon.com/Control-Devices-Remotely-Assistant-HomeKit/dp/B08CJGZZZ1
- https://github.com/purseclab/CVE-2023-33768
- https://play.google.com/store/apps/details?id=com.belkin.wemoandroid&hl=en_US&gl=US
- https://www.amazon.com/Control-Devices-Remotely-Assistant-HomeKit/dp/B08CJGZZZ1
Products affected by CVE-2023-33768
-
cpe:2.3:h:belkin:wemo_smart_plug_wsp080:-
-
cpe:2.3:o:belkin:wemo_smart_plug_wsp080_firmware:1.2