CVE-2019-3950

CVE-2019-3950

EPSS 1.7%

Arlo Basestation firmware 1.12.0.1_27940 and prior contain a hardcoded username and password combination that allows root access to the device when an onboard serial interface is connected to.

Affected products

Arlo · Basestation firmware

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://kb.arlo.com/000062274/Security-Advisory-for-Networking-Misconfiguration-and-Insufficient-UART-Protection-Mechanisms