Security Advisory

CVE-2019-12780

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-06-10 15:46:05

Last updated 2024-08-04 23:32:55

Assigner mitre

State PUBLISHED

Description

The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. A simple POST request to /upnp/control/basicevent1 can allow an attacker to execute commands without authentication.

← Browse all CVEs View on cve.org ↗