News and Announcements

Showing results for 
Search instead for 
Do you mean 
Reply
Highlighted
Community Manager
Posts: 81
Registered: ‎05-06-2014

Wemo Remote Code Execution Vulnerability [UPDATE]

[ Edited ]

Wemo is aware of this vulnerability from Doug McKee AKA “fulmetalpackets” and researchers at the McAfee Labs Advanced Threat Research. We have been working together to address the exploit and plan to release firmware in the coming month.

 

References:

 

https://securingtomorrow.mcafee.com/mcafee-labs/insight-into-home-automation-reveals-vulnerability-i...

 

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6692

 

Belkin Security Advisory: https://www.belkin.com/us/support-article?articleNum=275531

 

Update 1/8/2019: The firwmare fix for this vulnerability will be released later today.

Community Manager | PC Gamer | Mountain Biker