CVE-2013-6952 Information

Description

The Belkin WeMo Home Automation firmware before 3949 has a hardcoded GPG key which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data.

Reference

http://www.ioactive.com/pdfs/IOActive_Belkin-advisory-lite.pdf http://www.kb.cert.org/vuls/id/656302