CVE-2016-10116

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier use a pattern of adjective, noun, and three-digit number for the customized password, which makes it easier for remote attackers to obtain access via a dictionary attack.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:arlo_base_station_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:netgear:vmk3xx0:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:vmb30x0:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:vms3xx0:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:arlo_q_camera_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:vmc3040:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:arlo_q_plus_camera_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:vmc3040s:-:*:*:*:*:*:*:*

Information

Published : 2017-01-04 00:59

Updated : 2017-01-11 12:14


NVD link : CVE-2016-10116

Mitre link : CVE-2016-10116


JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa

Products Affected

netgear

  • vmc3040s
  • vms3xx0
  • vmc3040
  • arlo_q_plus_camera_firmware
  • vmk3xx0
  • arlo_base_station_firmware
  • arlo_q_camera_firmware
  • vmb30x0