Belkin Wemo Authentication Changes on August 27th | Yonomi

Belkin Wemo Authentication Changes on August 27th

The Belkin Wemo team recently discovered there is a security vulnerability present in local Wemo device communication over UPnP. Attackers who exploit this vulnerability can control a user's Wemo devices remotely after tricking them into visiting a malicious web page. To remediate this vulnerability we are adding authentication mechanisms to local device communication.

Belkin is making every effort to continue to provide  support for local integrations with Wemo devices -- which is what Yonomi uses for control.  To do so, Belkin is providing users the choice to turn off/on this local authentication. Local authentication will be on by default. When local authentication is used, all third-party functionality that uses UPnP to communicate with Wemo devices will not work (except for status queries).

Beginning August 27 a Wemo app update will be released that prompts users to download firmware which turns on local authentication. Users can toggle this feature off/on in the 'More' tab.

If this toggle is not enabled, control of Wemo devices will not work.