VYPR
Vendor

Arlo

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2019-3950CriJul 9, 2019
    risk 0.64cvss 9.8epss 0.02

    Arlo Basestation firmware 1.12.0.1_27940 and prior contain a hardcoded username and password combination that allows root access to the device when an onboard serial interface is connected to.

  • CVE-2019-3949CriJul 9, 2019
    risk 0.64cvss 9.8epss 0.01

    Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a networking misconfiguration that allows access to restricted network interfaces. This could allow an attacker to upload or download arbitrary files and possibly execute malicious code on the device.

  • CVE-2021-31505MedJun 29, 2021
    risk 0.44cvss 6.8epss 0.01

    This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3_278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a…