
List:       full-disclosure
Subject:    [Full-disclosure] Belkin Wemo 0day exploit (Remote shell + Rapid State change)
From:       Daniel Cardenas <dviciousb () gmail ! com>
Date:       2013-01-31 1:32:48
Message-ID: 7046E0C0-7B3B-4701-BE0A-57880A3D351D () gmail ! com
Discovered several UPnP vulnerabilities which allowed me to gain full shell access and modify the state of the device being controlled. I'm in the process of disclosing to Belkin. PoC soon to come. Link to video below.

http://youtu.be/BcW2q0aHOFo

Belkin WeMo with latest firmware. Able to gain full root access and send commands, including changing the state of the connected device, via a flaw in the UPnP implementation. Chose a small desk lamp and a simple on/off sequence due to safety concerns. In the real world this could be a fan or space heater and rapidly turn on/off without limitation.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
