9.3

CVE-2016-10116

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier use a pattern of adjective, noun, and three-digit number for the customized password, which makes it easier for remote attackers to obtain access via a dictionary attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NetgearArlo Base Station Firmware Version <= 1.7.5_6178
   NetgearVmb30x0 Version-
   NetgearVmk3xx0 Version-
   NetgearVms3xx0 Version-
NetgearArlo Q Camera Firmware Version <= 1.8.0_5551
   NetgearVmc3040 Version-
NetgearArlo Q Plus Camera Firmware Version <= 1.8.1_6094
   NetgearVmc3040s Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.09% 0.906
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.1 2.2 5.9
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
http://www.securityfocus.com/bid/95266
Third Party Advisory
VDB Entry