← back
CVE-2019-3949

CVE-2019-3949

EPSS 1.2%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
09 Jul 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a networking misconfiguration that allows access to restricted network interfaces. This could allow an attacker to upload or download arbitrary files and possibly execute malicious code on the device.
Affected products
Arlo · Basestation firmware

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://kb.arlo.com/000062274/Security-Advisory-for-Networking-Misconfiguration-and-Insufficient-UART-Protection-Mechanisms