CVE-2016-10115

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:arlo_base_station_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:netgear:vmk3xx0:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:vms3xx0:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:vmb30x0:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:arlo_q_camera_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:vmc3040:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:arlo_q_plus_camera_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:vmc3040s:-:*:*:*:*:*:*:*

Information

Published : 2017-01-04 00:59

Updated : 2017-01-11 12:10


NVD link : CVE-2016-10115

Mitre link : CVE-2016-10115


JSON object : View

CWE
CWE-798

Use of Hard-coded Credentials

Advertisement

dedicated server usa

Products Affected

netgear

  • vmc3040s
  • vms3xx0
  • vmc3040
  • arlo_q_plus_camera_firmware
  • vmk3xx0
  • arlo_base_station_firmware
  • arlo_q_camera_firmware
  • vmb30x0