Filtered by vendor Belkin
Subscribe
Total
66 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-17532 | 1 Belkin | 2 Wemo Switch 28b, Wemo Switch 28b Firmware | 2021-07-21 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS devices. They allow remote attackers to cause a denial of service (persistent rules-processing outage) via a crafted ruleDbBody element in a StoreRules request to the upnp/control/rules1 URI, because database corruption occurs. | |||||
| CVE-2019-12780 | 1 Belkin | 2 Crock-pot Smart Slow Cooker With Wemo, Crock-pot Smart Slow Cooker With Wemo Firmware | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. A simple POST request to /upnp/control/basicevent1 can allow an attacker to execute commands without authentication. | |||||
| CVE-2013-2679 | 1 Belkin | 2 Linksys E4200, Linksys E4200 Firmware | 2020-02-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the (1) log_type, (2) ping_ip, (3) ping_size, (4) submit_type, or (5) traceroute_ip parameter to apply.cgi or (6) new_workgroup or (7) submit_button parameter to storage/apply.cgi. | |||||
| CVE-2013-7173 | 1 Belkin | 2 N750, N750 Firmware | 2020-02-20 | 10.0 HIGH | 9.8 CRITICAL |
| Belkin n750 routers have a buffer overflow. | |||||
| CVE-2013-3091 | 1 Belkin | 2 N300, N300 Firmware | 2020-02-10 | 10.0 HIGH | 9.8 CRITICAL |
| An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using "Javascript debugging." | |||||
| CVE-2013-2748 | 1 Belkin | 2 Wemo Switch, Wemo Switch Firmware | 2020-02-05 | 7.5 HIGH | 9.8 CRITICAL |
| Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system. | |||||
| CVE-2019-17094 | 1 Belkin | 2 Wemo Insight Switch, Wemo Insight Switch Firmware | 2020-02-04 | 7.2 HIGH | 7.8 HIGH |
| A Stack-based Buffer Overflow vulnerability in libbelkin_api.so component of Belkin WeMo Insight Switch firmware allows a local attacker to obtain code execution on the device. This issue affects: Belkin WeMo Insight Switch firmware version 2.00.11396 and prior versions. | |||||
| CVE-2013-3088 | 1 Belkin | 2 N900, N900 Firmware | 2020-01-16 | 9.3 HIGH | 9.8 CRITICAL |
| Belkin N900 router (F9K1104v1) contains an Authentication Bypass using "Javascript debugging". | |||||
| CVE-2013-3085 | 1 Belkin | 2 F5d8236-4, F5d8236-4 Firmware | 2020-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| An authentication bypass exists in the web management interface in Belkin F5D8236-4 v2. | |||||
| CVE-2013-4655 | 1 Belkin | 2 N900, N900 Firmware | 2019-11-14 | 7.8 HIGH | 7.5 HIGH |
| Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service. | |||||
| CVE-2018-1144 | 1 Belkin | 2 N750, N750 Firmware | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi. | |||||
| CVE-2018-1146 | 1 Belkin | 2 N750, N750 Firmware | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| A remote unauthenticated user can enable telnet on the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to set.cgi. When enabled the telnet session requires no password and provides root access. | |||||
| CVE-2018-1143 | 1 Belkin | 2 N750, N750 Firmware | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to twonky_command.cgi. | |||||
| CVE-2005-4417 | 3 Anycom, Belkin, Widcomm | 3 Blue Usb-130-250 Software, Bluetooth Software, Bluetooth For Windows | 2018-10-19 | 6.4 MEDIUM | N/A |
| The default configuration of Widcomm Bluetooth for Windows (BTW) 4.0.1.1500 and earlier, as installed on Belkin Bluetooth Software 1.4.2 Build 10 and ANYCOM Blue USB-130-250 Software 4.0.1.1500, and possibly other devices, sets null Authentication and Authorization values, which allows remote attackers to send arbitrary audio and possibly eavesdrop using the microphone via the Hands Free Audio Gateway and Headset profile. | |||||
| CVE-2008-0403 | 1 Belkin | 1 F5d9230-4 | 2018-10-15 | 5.5 MEDIUM | N/A |
| The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does not require authentication for SaveCfgFile.cgi, which allows remote attackers to read and modify configuration via a direct request to SaveCfgFile.cgi. | |||||
| CVE-2007-6040 | 1 Belkin | 1 F5d7230-4 | 2018-10-15 | 5.0 MEDIUM | N/A |
| The Belkin F5D7230-4 Wireless G Router allows remote attackers to cause a denial of service (degraded networking and logging) via a flood of TCP SYN packets, a related issue to CVE-1999-0116. | |||||
| CVE-2008-1245 | 1 Belkin | 1 F5d7230-4 | 2018-10-11 | 7.8 HIGH | N/A |
| cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote attackers to cause a denial of service (control center outage) via an HTTP request with invalid POST data and a "Connection: Keep-Alive" header. | |||||
| CVE-2008-1244 | 1 Belkin | 1 F5d7230-4 | 2018-10-11 | 10.0 HIGH | N/A |
| cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require authentication, which allows remote attackers to perform administrative actions, as demonstrated by changing a DNS server via the dns1_1, dns1_2, dns1_3, and dns1_4 parameters. NOTE: it was later reported that F5D7632-4V6 with firmware 6.01.08 is also affected. | |||||
| CVE-2008-1242 | 1 Belkin | 1 F5d7230-4 | 2018-10-11 | 10.0 HIGH | N/A |
| The control panel on the Belkin F5D7230-4 router with firmware 9.01.10 maintains authentication state by IP address, which allows remote attackers to bypass authentication by establishing a session from a source IP address of a previously authenticated user, a different vulnerability than CVE-2005-3802. | |||||
| CVE-2018-1145 | 1 Belkin | 2 N750, N750 Firmware | 2018-05-18 | 7.5 HIGH | 9.8 CRITICAL |
| A remote unauthenticated user can overflow a stack buffer in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi. | |||||