Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:28 a.m.9 views

CVE-2019-12780

The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. A simple POST request to /upnp/control/basicevent1 can allow an attacker to execute commands without authentication...

9.8CVSS9.9AI score0.71992EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2022/11/28 12:0 a.m.47 views

Belkin Wemo UPnP API OS Command Injection (CVE-2019-12780)

A command injection vulnerability exists in Belkin Wemo. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.4AI score0.71992EPSS
Exploits1
CVE
CVE
added 2019/06/10 3:46 p.m.59 views

CVE-2019-12780

CVE-2019-12780 affects Belkin Wemo UPnP API used by the Crock-Pot, where the SetSmartDevInfo action accepts a SmartDevURL that can be abused to inject commands. A simple POST to /upnp/control/basicevent1 without authentication can execute arbitrary commands on the device. Public references in the...

9.8CVSS9.8AI score0.71992EPSS
In wildExploits1References1Affected Software1
Circl
Circl
added 2019/02/19 7:55 p.m.147 views

CVE-2019-12780

creationtimestamp| type| source ---|---|--- 2019-02-19 19:55:27+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/upnp/belkinwemoupnpexec.rb 2020-10-09 14:13:50+00:00| seen| MISP/b6fb39e0-8665-41f9-bc21-88d7f1945ec4 2024-10-24 00:00:00+00:00| exploited...

9.8CVSS7AI score0.71992EPSS
In wildExploits1References4
Rows per page
Query Builder