Vulnerabilities > Belkin > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-02 | CVE-2021-25310 | OS Command Injection vulnerability in Belkin Linksys Wrt160Nl Firmware 1.0.04.002Us20130619 The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated attackers to execute system commands with root privileges via shell metacharacters in the ui_language POST parameter to the apply.cgi form endpoint. | 8.8 |
| 2020-10-23 | CVE-2020-26561 | Out-of-bounds Write vulnerability in Belkin Linksys WRT 160Nl Firmware 1.0.04 Belkin LINKSYS WRT160NL 1.0.04.002_US_20130619 devices have a stack-based buffer overflow vulnerability because of sprintf in create_dir in mini_httpd. | 8.8 |
| 2020-01-28 | CVE-2013-2748 | Unrestricted Upload of File with Dangerous Type vulnerability in Belkin Wemo Switch Firmware Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system. | 7.5 |
| 2020-01-27 | CVE-2019-17094 | Out-of-bounds Write vulnerability in Belkin Wemo Insight Switch Firmware A Stack-based Buffer Overflow vulnerability in libbelkin_api.so component of Belkin WeMo Insight Switch firmware allows a local attacker to obtain code execution on the device. | 7.2 |
| 2019-12-26 | CVE-2013-3085 | Improper Authentication vulnerability in Belkin F5D8236-4 Firmware An authentication bypass exists in the web management interface in Belkin F5D8236-4 v2. | 7.5 |
| 2019-11-13 | CVE-2013-4655 | Link Following vulnerability in Belkin N900 Firmware Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service. | 7.8 |
| 2019-10-12 | CVE-2019-17532 | Improper Input Validation vulnerability in Belkin Wemo Switch 28B Firmware Wemoww2.00.11057.Pvtowrtsns An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS devices. | 7.8 |
| 2019-06-10 | CVE-2019-12780 | OS Command Injection vulnerability in Belkin Crock-Pot Smart Slow Cooker With Wemo Firmware The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. | 7.5 |
| 2018-04-19 | CVE-2018-1145 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Belkin N750 Firmware 1.10.22 A remote unauthenticated user can overflow a stack buffer in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi. | 7.5 |
| 2014-09-29 | CVE-2013-3092 | Improper Authentication vulnerability in Belkin N300 and N300 Firmware The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header. | 8.3 |