Let me hack your Belkin Wemo for you


#1

No really let me own those for you.

The peerAddresses API in Belkin WeMo Home Automation firmware before 3949 allows remote attackers to conduct XML injection attacks and read arbitrary files via unspecified vectors.

The Belkin WeMo Home Automation firmware before 3949 does not properly restrict the use of STUN and TURN proxies, which allows man-in-the-middle attackers to bypass intended access restrictions via crafted packets.

The Belkin WeMo Home Automation firmware before 3949 does not use SSL for the distribution feed, which allows remote attackers to obtain sensitive information by sniffing the network.

The Belkin WeMo Home Automation firmware before 3949 does not maintain a set of Certification Authority public keys, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary X.509 certificate.

The Belkin WeMo Home Automation firmware before 3949 has a hardcoded key, which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data.

From my Dr. Evil past I still read the weekly US-CERT bulletins, and it's good to see that some IoT-type devices are being noticed and reported, and hopefully this serves as notice that security is important even to small devices.

https://www.us-cert.gov/ncas/bulletins/SB14-062

These are always an interesting read.


#2

Interesting indeed. Quite the opposite reality vs. what most of the fan boys preach in the papers.