Details of VAR-201801-1870

ID

VAR-201801-1870

TITLE

(0Day) Belkin Wemo Link syseventd Missing Authentication for Critical Function Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-18-133

DESCRIPTION

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Belkin Wemo Link. Authentication is not required to exploit this vulnerability.The specific flaw exists within the syseventd daemon, which listens on TCP port 52367 by default. The issue results from the lack of authentication prior to allowing alterations to the system configuration. An attacker can leverage this vulnerability to execute code under the context of root.

Trust: 0.7

sources: ZDI: ZDI-18-133

AFFECTED PRODUCTS

vendor:

belkin

model:

wemo link

scope:

version:

Trust: 0.7

sources: ZDI: ZDI-18-133

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	ZDI-18-133
value:	HIGH
Trust: 0.7

ZDI:	ZDI-18-133
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7

sources: ZDI: ZDI-18-133

EXTERNAL IDS

db:	ZDI_CAN	id:	ZDI-CAN-5095	Trust: 0.7
db:	ZDI	id:	ZDI-18-133	Trust: 0.7

sources: ZDI: ZDI-18-133

CREDITS

Dove Chiu and Kenney Lu of Trend Micro

Trust: 0.7

sources: ZDI: ZDI-18-133

SOURCES

db:

ZDI

id:

ZDI-18-133

LAST UPDATE DATE

2022-05-17T02:04:30.420000+00:00

SOURCES UPDATE DATE

db:

ZDI

id:

ZDI-18-133

date:

2018-01-23T00:00:00

SOURCES RELEASE DATE

db:

ZDI

id:

ZDI-18-133

date:

2018-01-23T00:00:00