exploitDog

GHSA-gg8c-3ww5-6v38

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration.

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration.

Ссылки

EPSS

Процентиль: 91%

0.0624

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-798

Связанные уязвимости

CVE-2016-10115

CVSS3: 9.8

nvd

около 9 лет назад

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration.

BDU:2017-02625

CVSS3: 9.8

fstec

больше 9 лет назад

Уязвимость микропрограммного обеспечения базовой станции NETGEAR Arlo и беспроводных камер видеонаблюдения NETGEAR Arlo Q и NETGEAR Arlo Q Plus, связанная с использованием предустановленных учетных данных, позволяющая нарушителю получить доступ к устройству

EPSS

Процентиль: 91%

0.0624

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-798