PSA: Older Wemo Smart Plugs Have Vulnerability That Leaves Them Open to Attack

by

Older Wemo smart plugs from Belkin have a vulnerability that allows them to be hacked, according to a blog post from security researchers at Sternum. The Wemo Mini Smart Plug V2 (model F7C063) from 2019 is vulnerable to a buffer overflow attack that can be used execute commands remotely.

belkin wemo v2 mini
Basically, the Wemo Mini Smart Plug V2 has a 30 character name limit that can be overwritten, leading to an exploitable memory buffer error. Full details on how the exploit works are available from Sternum.

Belkin told Sternum that it has no plans to update the Wemo Mini Smart Plug V2 because it is at the end of its life after four years and has been replaced with newer models. That leaves many potential Belkin customers vulnerable, as there are likely many of these smart plugs being used in the wild.

Sternum recommends that people prevent the Wemo Mini Smart Plug V2 from accessing the internet and communicating with other devices like the iPhone because of the vulnerability, but the safest bet would be to remove the plugs and replace them with something more secure.

Tags: Belkin, Wemo

Popular Stories

iPhone 17 Pro Dark Blue and Orange

iPhone 17 Release Date, Pre-Orders, and What to Expect

Thursday August 28, 2025 4:08 am PDT by
An iPhone 17 announcement is a dead cert for September 2025 – Apple has already sent out invites for an "Awe dropping" event on Tuesday, September 9 at the Apple Park campus in Cupertino, California. The timing follows Apple's trend of introducing new iPhone models annually in the fall. At the event, Apple is expected to unveil its new-generation iPhone 17, an all-new ultra-thin iPhone 17...
Read Full Article56 comments
xiaomi apple ad india

Apple and Samsung Push Back Against Xiaomi's Bold India Ads

Friday August 29, 2025 4:54 am PDT by
Apple and Samsung have reportedly issued cease-and-desist notices to Xiaomi in India for an ad campaign that directly compares the rivals' devices to Xiaomi's products. The two companies have threatened the Chinese vendor with legal action, calling the ads "disparaging." Ads have appeared in local print media and on social media that take pot shots at the competitors' premium offerings. One...
Read Full Article201 comments
maxresdefault

The MacRumors Show: iPhone 17's 'Awe Dropping' Accessories

Friday August 29, 2025 8:12 am PDT by
Following the announcement of Apple's upcoming "Awe dropping" event, on this week's episode of The MacRumors Show we talk through all of the new accessories rumored to debut alongside the iPhone 17 lineup. Subscribe to The MacRumors Show YouTube channel for more videos We take a closer look at Apple's invite for "Awe dropping;" the design could hint at the iPhone 17's new thermal system with ...
Read Full Article20 comments
Awe Dropping Apple Event Feature

Five Things to Expect From Apple's 'Awe Dropping' September 9 Event

Tuesday August 26, 2025 4:17 pm PDT by
Apple today announced its "Awe Dropping" iPhone-centric event, which is set to take place on Tuesday, September 9 at 10:00 a.m. Pacific Time. There are a long list of products that are coming, but we thought we'd pull out five feature highlights to look forward to. That Super Thin iPhone - Apple's September 9 event will see the unveiling of the first redesigned iPhone we've had in years, ...
Read Full Article114 comments

Top Rated Comments

bottsjw Avatar
bottsjw
30 months ago
Yup. Belkin just lost my future business.
What a terrible policy/response.
?
Score: 67 Votes (Like | Disagree)
BBCWatcher Avatar
BBCWatcher
30 months ago
If you bought this product the first day it was available it’s 4 years old. If you were an average buyer it’s about 3 years old. And now Belkin has declared it e-waste because it was defective from the start, and they can’t be bothered to fix it. Thanks to Belkin for helping to destroy the planet faster.☹️
Score: 46 Votes (Like | Disagree)
mlrproducts Avatar
mlrproducts
30 months ago
As someone affected Belkin is off my list.

What a lazy response “it’s 4 years so we decided screw customers we can’t write software for something you paid for.”

Contributing to more unnecessary e-waste.

I’d happily go back to just using regular switches if, in exchange, all companies like this could just be out out of business.
Score: 39 Votes (Like | Disagree)
Nermal Avatar
Nermal
30 months ago
As others have said, that's pretty pathetic. Normal switches easily last for decades, so "killing" one after just four years is incredible.
Score: 33 Votes (Like | Disagree)
rtkane Avatar
rtkane
30 months ago
WHOEVER IS DOING THIS TO ME PLEASE STOP.



Attachment Image
Score: 33 Votes (Like | Disagree)
Rafterman Avatar
Rafterman
30 months ago
Yeah, they might switch your lamp on and off to annoy you :)
Score: 29 Votes (Like | Disagree)
Read All Comments