Vulnerabilities > Belkin > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-13 | CVE-2023-33768 | Improper Verification of Cryptographic Signature vulnerability in Belkin Wemo Smart Plug Wsp080 Firmware 1.2 Incorrect signature verification of the firmware during the Device Firmware Update process of Belkin Wemo Smart Plug WSP080 v1.2 allows attackers to cause a Denial of Service (DoS) via a crafted firmware file. | 6.5 |
| 2020-02-18 | CVE-2013-2679 | Cross-site Scripting vulnerability in Belkin Linksys E4200 Firmware 1.0.05 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the (1) log_type, (2) ping_ip, (3) ping_size, (4) submit_type, or (5) traceroute_ip parameter to apply.cgi or (6) new_workgroup or (7) submit_button parameter to storage/apply.cgi. | 4.3 |
| 2018-04-19 | CVE-2018-1146 | Unspecified vulnerability in Belkin N750 Firmware 1.10.22 A remote unauthenticated user can enable telnet on the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to set.cgi. | 5.0 |
| 2015-12-31 | CVE-2015-5990 | Cross-Site Request Forgery (CSRF) vulnerability in Belkin N600 DB Wi-Fi Dual-Band N+ Router F9K1102 Firmware 2.10.17 Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 allows remote attackers to hijack the authentication of arbitrary users. | 6.8 |
| 2015-12-31 | CVE-2015-5987 | Unspecified vulnerability in Belkin N600 DB Wi-Fi Dual-Band N+ Router F9K1102 Firmware 2.10.17 Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value. | 5.0 |
| 2014-09-29 | CVE-2013-3089 | Cross-Site Request Forgery (CSRF) vulnerability in Belkin N300 and N300 Firmware Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration. | 6.8 |
| 2014-09-29 | CVE-2013-3086 | Cross-Site Request Forgery (CSRF) vulnerability in Belkin N900 and N900 Firmware Cross-site request forgery (CSRF) vulnerability in util_system.html in Belkin N900 router allows remote attackers to hijack the authentication of administrators for requests that change configuration settings including passwords and remote management ports. | 6.8 |
| 2014-09-29 | CVE-2013-3083 | Cross-Site Request Forgery (CSRF) vulnerability in Belkin F5D8236-4 V2 Cross-site request forgery (CSRF) vulnerability in cgi-bin/system_setting.exe in Belkin F5D8236-4 v2 allows remote attackers to hijack the authentication of administrators for requests that open the remote management interface on arbitrary ports via the remote_mgmt_enabled and remote_mgmt_port parameters. | 6.8 |
| 2014-01-30 | CVE-2013-3090 | Cross-Site Scripting vulnerability in Belkin N300 Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to inject arbitrary web script or HTML via the Guest Access PSK field to wireless_guest2_print.stm or other unspecified vectors. | 4.3 |
| 2014-01-30 | CVE-2013-3087 | Cross-Site Scripting vulnerability in Belkin N900 Multiple cross-site scripting (XSS) vulnerabilities in Belkin N900 router allow remote attackers to inject arbitrary web script or HTML via the (1) ssid2 parameter to wl_channel.html or (2) guest_psk parameter to wl_guest.html. | 4.3 |