Arlo Basestation Firmware Vulnerability: Hardcoded Root Access via Serial Interface

Arlo Basestation Firmware Vulnerability: Hardcoded Root Access via Serial Interface

CVE-2019-3950 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Arlo Basestation firmware 1.12.0.1_27940 and prior contain a hardcoded username and password combination that allows root access to the device when an onboard serial interface is connected to.

Learn more about our User Device Pen Test.