Vulnerability Description
Incorrect signature verification of the firmware during the Device Firmware Update process of Belkin Wemo Smart Plug WSP080 v1.2 allows attackers to cause a Denial of Service (DoS) via a crafted firmware file.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Belkin | Wemo Smart Plug Wsp080 Firmware | 1.2 |
| Belkin | Wemo Smart Plug Wsp080 | - |
Related Weaknesses (CWE)
References
- https://github.com/purseclab/CVE-2023-33768ExploitThird Party Advisory
- https://play.google.com/store/apps/details?id=com.belkin.wemoandroid&hl=en_US&glProduct
- https://www.amazon.com/Control-Devices-Remotely-Assistant-HomeKit/dp/B08CJGZZZ1Product
- https://github.com/purseclab/CVE-2023-33768ExploitThird Party Advisory
- https://play.google.com/store/apps/details?id=com.belkin.wemoandroid&hl=en_US&glProduct
- https://www.amazon.com/Control-Devices-Remotely-Assistant-HomeKit/dp/B08CJGZZZ1Product
FAQ
What is CVE-2023-33768?
CVE-2023-33768 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Incorrect signature verification of the firmware during the Device Firmware Update process of Belkin Wemo Smart Plug WSP080 v1.2 allows attackers to cause a Denial of Service (DoS) via a crafted firmw...
How severe is CVE-2023-33768?
CVE-2023-33768 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-33768?
Check the references section above for vendor advisories and patch information. Affected products include: Belkin Wemo Smart Plug Wsp080 Firmware, Belkin Wemo Smart Plug Wsp080.