ID
VAR-202001-0278
CVE
CVE-2019-17094
TITLE
Belkin WeMo Insight Switch Out of boundary write vulnerability in firmware
Trust: 0.8
sources:
JVNDB: JVNDB-2019-014441
DESCRIPTION
A Stack-based Buffer Overflow vulnerability in libbelkin_api.so component of Belkin WeMo Insight Switch firmware allows a local attacker to obtain code execution on the device. This issue affects: Belkin WeMo Insight Switch firmware version 2.00.11396 and prior versions. Belkin WeMo Insight Switch Firmware contains an out-of-bounds write vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state
Trust: 1.62
sources:
NVD: CVE-2019-17094 //
JVNDB: JVNDB-2019-014441
AFFECTED PRODUCTS
| vendor: | belkin | model: | wemo insight switch | scope: | lt | version: | 2.00.11396 | Trust: 1.0 |
| vendor: | belkin | model: | wemo insight switch | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | belkin | model: | wemo insight switch | scope: | lte | version: | wemo insight switch firmware 2.00.11396 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2019-014441 //
NVD: CVE-2019-17094
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
JVNDB: JVNDB-2019-014441 //
CNNVD: CNNVD-202001-1176 //
NVD: CVE-2019-17094 //
NVD: CVE-2019-17094
PROBLEMTYPE DATA
| problemtype: | CWE-121 | Trust: 1.0 |
| problemtype: | CWE-787 | Trust: 1.0 |
| problemtype: | Out-of-bounds write (CWE-787) [NVD Evaluation ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2019-014441 //
NVD: CVE-2019-17094
THREAT TYPE
local
Trust: 0.6
sources:
CNNVD: CNNVD-202001-1176
TYPE
buffer error
Trust: 0.6
sources:
CNNVD: CNNVD-202001-1176
PATCH
| title: | Top Page | url: | https://www.belkin.com | Trust: 0.8 |
sources:
JVNDB: JVNDB-2019-014441
EXTERNAL IDS
| db: | NVD | id: | CVE-2019-17094 | Trust: 2.4 |
| db: | JVNDB | id: | JVNDB-2019-014441 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202001-1176 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2019-014441 //
CNNVD: CNNVD-202001-1176 //
NVD: CVE-2019-17094
REFERENCES
| url: | https://labs.bitdefender.com/2019/12/multiple-vulnerabilities-in-belkin-wemo-insight-switch/ | Trust: 2.4 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-17094 | Trust: 1.4 |
sources:
JVNDB: JVNDB-2019-014441 //
CNNVD: CNNVD-202001-1176 //
NVD: CVE-2019-17094
SOURCES
| db: | JVNDB | id: | JVNDB-2019-014441 |
| db: | CNNVD | id: | CNNVD-202001-1176 |
| db: | NVD | id: | CVE-2019-17094 |
LAST UPDATE DATE
2024-11-23T22:37:34.461000+00:00
SOURCES UPDATE DATE
| db: | JVNDB | id: | JVNDB-2019-014441 | date: | 2020-02-18T00:00:00 |
| db: | CNNVD | id: | CNNVD-202001-1176 | date: | 2021-01-05T00:00:00 |
| db: | NVD | id: | CVE-2019-17094 | date: | 2024-11-21T04:31:40.820 |
SOURCES RELEASE DATE
| db: | JVNDB | id: | JVNDB-2019-014441 | date: | 2020-02-18T00:00:00 |
| db: | CNNVD | id: | CNNVD-202001-1176 | date: | 2020-01-27T00:00:00 |
| db: | NVD | id: | CVE-2019-17094 | date: | 2020-01-27T18:15:12.367 |