PT-2019-16799 · Arlo · Arlo Basestation
Published
2019-07-09
·
Updated
2019-07-11
·
CVE-2019-3949
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Arlo Basestation firmware versions 1.12.0.1 27940 and prior
Description
The issue is related to a networking misconfiguration that allows access to restricted network interfaces. This could enable an attacker to upload or download arbitrary files and possibly execute malicious code on the device.
Recommendations
For Arlo Basestation firmware versions 1.12.0.1 27940 and prior, update to a newer version that contains a fix for this issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Arlo Basestation