Vulnerabilities > Belkin > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-08-13 | CVE-2015-5536 | Permissions, Privileges, and Access Controls vulnerability in Belkin N300 Dual-Band Wi-Fi Range Extender Firmware 1.0.0 Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the (1) sub_dir parameter in a formUSBStorage request; pinCode parameter in a (2) formWpsStart or (3) formiNICWpsStart request; (4) wps_enrolee_pin parameter in a formWlanSetupWPS request; or unspecified parameters in a (5) formWlanMP, (6) formBSSetSitesurvey, (7) formHwSet, or (8) formConnectionSetting request. | 9.0 |
| 2014-11-12 | CVE-2014-1635 | Buffer Errors vulnerability in Belkin products Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with firmware before F9K1103_WW_1.10.17m allows remote attackers to execute arbitrary code via a long string in the jump parameter. | 10.0 |
| 2014-02-22 | CVE-2013-6952 | Cryptographic Issues vulnerability in Belkin Wemo Home Automation Firmware 2769 The Belkin WeMo Home Automation firmware before 3949 has a hardcoded GPG key, which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data. | 10.0 |
| 2014-02-22 | CVE-2013-6949 | Permissions, Privileges, and Access Controls vulnerability in Belkin Wemo Home Automation Firmware 2769 The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device. | 9.3 |
| 2009-08-28 | CVE-2008-7115 | Permissions, Privileges, and Access Controls vulnerability in Belkin F5D7632-4 and Wireless G Router The web interface to the Belkin Wireless G router and ADSL2 modem F5D7632-4V6 with firmware 6.01.08 allows remote attackers to bypass authentication and gain administrator privileges via a direct request to (1) statusprocess.exe, (2) system_all.exe, or (3) restore.exe in cgi-bin/. | 10.0 |
| 2008-03-10 | CVE-2008-1244 | Improper Authentication vulnerability in Belkin F5D7230-4 cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require authentication, which allows remote attackers to perform administrative actions, as demonstrated by changing a DNS server via the dns1_1, dns1_2, dns1_3, and dns1_4 parameters. | 10.0 |
| 2008-03-10 | CVE-2008-1242 | Permissions, Privileges, and Access Controls vulnerability in Belkin F5D7230-4 The control panel on the Belkin F5D7230-4 router with firmware 9.01.10 maintains authentication state by IP address, which allows remote attackers to bypass authentication by establishing a session from a source IP address of a previously authenticated user, a different vulnerability than CVE-2005-3802. | 10.0 |