Skip to main content
CVE-2013-6952 CRITICAL Act Now

The Belkin WeMo Home Automation firmware before 3949 has a hardcoded GPG key, which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Wemo Home Automation Firmware
NVD
CVSS 2.0
10.0
EPSS
5.7%
CVE-2014-0721 CRITICAL Act Now

The Cisco Unified SIP Phone 3905 with firmware before 9.4(1) allows remote attackers to obtain root access via a session on the test interface on TCP port 7870, aka Bug ID CSCuh75574. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Unified Sip Phone 3905
NVD
CVSS 2.0
10.0
EPSS
1.1%
CVE-2013-6949 CRITICAL Act Now

The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Wemo Home Automation Firmware
NVD
CVSS 2.0
9.3
EPSS
0.6%
CVE-2014-0709 CRITICAL Act Now

Cisco UCS Director (formerly Cloupia) before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Authentication Bypass Ucs Director
NVD
CVSS 2.0
9.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy