Man-in-the-middle Vulnerability in Belkin WeMo Home Automation Firmware
CVE-2013-6951
Currently unrated
What is CVE-2013-6951?
The Belkin WeMo Home Automation firmware prior to version 3949 lacks adequate protection by not maintaining a set of trusted Certification Authority public keys. This oversight allows attackers to exploit the system by performing man-in-the-middle attacks, presenting forged SSL servers that can accept arbitrary X.509 certificates, thereby compromising the integrity and confidentiality of communications.