Netgear Arlo Base Station Firmware vulnerabilities
2 known vulnerabilities affecting netgear/arlo_base_station_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2016-10115P2CRITICALCVSS 9.8≤ 1.7.5_61782017-01-04
CVE-2016-10115 [CRITICAL] CWE-798 CVE-2016-10115: NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_
NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration.
nvd
CVE-2016-10116P3HIGHCVSS 8.1≤ 1.7.5_61782017-01-04
CVE-2016-10116 [HIGH] CWE-264 CVE-2016-10116: NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_
NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier use a pattern of adjective, noun, and three-digit number for the customized password, which makes it easier for remote attackers to obtain access via a dictionary attack.
nvd