Filtered by vendor Belkin
Subscriptions
Total
52 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0403 | 1 Belkin | 1 F5d9230-4 | 2024-08-07 | N/A |
| The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does not require authentication for SaveCfgFile.cgi, which allows remote attackers to read and modify configuration via a direct request to SaveCfgFile.cgi. | ||||
| CVE-2012-4366 | 1 Belkin | 4 N150 Wireless Router, N300 Wireless Router, N450 Wireless Router and 1 more | 2024-08-06 | N/A |
| Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the WAN MAC address, which allows remote attackers to access the network by sniffing the beacon frames. | ||||
| CVE-2013-7173 | 1 Belkin | 2 N750, N750 Firmware | 2024-08-06 | 9.8 Critical |
| Belkin n750 routers have a buffer overflow. | ||||
| CVE-2013-6952 | 1 Belkin | 1 Wemo Home Automation Firmware | 2024-08-06 | N/A |
| The Belkin WeMo Home Automation firmware before 3949 has a hardcoded GPG key, which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data. | ||||
| CVE-2013-6950 | 1 Belkin | 1 Wemo Home Automation Firmware | 2024-08-06 | N/A |
| The Belkin WeMo Home Automation firmware before 3949 does not use SSL for the distribution feed, which allows man-in-the-middle attackers to install arbitrary firmware by spoofing a distribution server. | ||||
| CVE-2013-6948 | 1 Belkin | 1 Wemo Home Automation Firmware | 2024-08-06 | N/A |
| The peerAddresses API in the Belkin WeMo Home Automation firmware before 3949 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | ||||
| CVE-2013-6949 | 1 Belkin | 1 Wemo Home Automation Firmware | 2024-08-06 | N/A |
| The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device. | ||||
| CVE-2013-6951 | 1 Belkin | 1 Wemo Home Automation Firmware | 2024-08-06 | N/A |
| The Belkin WeMo Home Automation firmware before 3949 does not maintain a set of Certification Authority public keys, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary X.509 certificate. | ||||
| CVE-2013-4655 | 1 Belkin | 2 N900, N900 Firmware | 2024-08-06 | 7.5 High |
| Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service. | ||||
| CVE-2013-3087 | 1 Belkin | 1 N900 | 2024-08-06 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Belkin N900 router allow remote attackers to inject arbitrary web script or HTML via the (1) ssid2 parameter to wl_channel.html or (2) guest_psk parameter to wl_guest.html. | ||||
| CVE-2013-3088 | 1 Belkin | 2 N900, N900 Firmware | 2024-08-06 | 9.8 Critical |
| Belkin N900 router (F9K1104v1) contains an Authentication Bypass using "Javascript debugging". | ||||
| CVE-2013-3083 | 1 Belkin | 1 F5d8236-4 V2 | 2024-08-06 | N/A |
| Cross-site request forgery (CSRF) vulnerability in cgi-bin/system_setting.exe in Belkin F5D8236-4 v2 allows remote attackers to hijack the authentication of administrators for requests that open the remote management interface on arbitrary ports via the remote_mgmt_enabled and remote_mgmt_port parameters. | ||||
| CVE-2013-3090 | 1 Belkin | 1 N300 | 2024-08-06 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to inject arbitrary web script or HTML via the Guest Access PSK field to wireless_guest2_print.stm or other unspecified vectors. | ||||
| CVE-2013-3089 | 1 Belkin | 2 N300, N300 Firmware | 2024-08-06 | N/A |
| Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration. | ||||
| CVE-2013-3085 | 1 Belkin | 2 F5d8236-4, F5d8236-4 Firmware | 2024-08-06 | 9.8 Critical |
| An authentication bypass exists in the web management interface in Belkin F5D8236-4 v2. | ||||
| CVE-2013-3091 | 1 Belkin | 2 N300, N300 Firmware | 2024-08-06 | 9.8 Critical |
| An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using "Javascript debugging." | ||||
| CVE-2013-3092 | 1 Belkin | 2 N300, N300 Firmware | 2024-08-06 | N/A |
| The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header. | ||||
| CVE-2013-3086 | 1 Belkin | 2 N900, N900 Firmware | 2024-08-06 | N/A |
| Cross-site request forgery (CSRF) vulnerability in util_system.html in Belkin N900 router allows remote attackers to hijack the authentication of administrators for requests that change configuration settings including passwords and remote management ports. | ||||
| CVE-2013-3084 | 1 Belkin | 1 F5d8236-4 | 2024-08-06 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Belkin Model F5D8236-4 v2 router allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-2748 | 1 Belkin | 2 Wemo Switch, Wemo Switch Firmware | 2024-08-06 | 9.8 Critical |
| Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system. | ||||