Vulnerabilities > CVE-2019-17094 - Out-of-bounds Write vulnerability in Belkin Wemo Insight Switch Firmware

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

belkin

CWE-787

NVD

Published: 2020-01-27

Updated: 2020-02-04

Summary

A Stack-based Buffer Overflow vulnerability in libbelkin_api.so component of Belkin WeMo Insight Switch firmware allows a local attacker to obtain code execution on the device. This issue affects: Belkin WeMo Insight Switch firmware version 2.00.11396 and prior versions.

Vulnerable Configurations

Part	Description	Count
OS	Belkin Belkin Wemo Insight Switch Firmware *	1
Hardware	Belkin Belkin Wemo Insight Switch -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://labs.bitdefender.com/2019/12/multiple-vulnerabilities-in-belkin-wemo-insight-switch/