CVE-2019-3950

Summary

Arlo Basestation firmware 1.12.0.1_27940 and prior contain a hardcoded username and password combination that allows root access to the device when an onboard serial interface is connected to.

Affected Software

VendorProductVersion RangeStatus
ArloBasestation firmware1.12.0.1_27940 and prioraffected

Weaknesses

  • Insufficient UART Protections

ADP Enrichment

CVE Program Container

Additional References

References