CVE-2016-10115 - OpenCVE

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Netgear	Arlo Q Camera Firmware Vmc3040 Arlo Base Station Firmware Vmc3040s Vmk3xx0 Arlo Q Plus Camera Firmware Vmb30x0 Vms3xx0

Configuration 1 [-]

AND

cpe:2.3:o:netgear:arlo_base_station_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:netgear:vmb30x0:-:::::::*
	cpe:2.3:h:netgear:vmk3xx0:-:::::::*
	cpe:2.3:h:netgear:vms3xx0:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:netgear:arlo_q_camera_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:vmc3040:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:netgear:arlo_q_plus_camera_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:vmc3040s:-:*:*:*:*:*:*:*

References

Link	Resource
http://blog.newskysecurity.com/2016/09/factory_reset_vuln_in_netgear_arlo/	Third Party Advisory
http://kb.netgear.com/30731/Arlo-WiFi-Default-Password-Security-Vulnerability	Mitigation Vendor Advisory
http://www.securityfocus.com/bid/95265	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-01-04T08:10:00

Updated: 2017-01-05T10:57:01

Reserved: 2017-01-04T00:00:00

Link: CVE-2016-10115

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-01-04T08:59:00.147

Modified: 2017-01-11T20:10:28.617

Link: CVE-2016-10115

JSON object: View

Redhat Information

No data.

CWE

CWE-798

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-01-04T00:00:00", "descriptions": [{"lang": "en", "value": "NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-01-05T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://kb.netgear.com/30731/Arlo-WiFi-Default-Password-Security-Vulnerability"}, {"tags": ["x_refsource_MISC"], "url": "http://blog.newskysecurity.com/2016/09/factory_reset_vuln_in_netgear_arlo/"}, {"name": "95265", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95265"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10115", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://kb.netgear.com/30731/Arlo-WiFi-Default-Password-Security-Vulnerability", "refsource": "MISC", "url": "http://kb.netgear.com/30731/Arlo-WiFi-Default-Password-Security-Vulnerability"}, {"name": "http://blog.newskysecurity.com/2016/09/factory_reset_vuln_in_netgear_arlo/", "refsource": "MISC", "url": "http://blog.newskysecurity.com/2016/09/factory_reset_vuln_in_netgear_arlo/"}, {"name": "95265", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95265"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10115", "datePublished": "2017-01-04T08:10:00", "dateReserved": "2017-01-04T00:00:00", "dateUpdated": "2017-01-05T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:arlo_base_station_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C68276B0-07D4-42C0-8B63-61ACCFA66CCE", "versionEndIncluding": "1.7.5_6178", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:vmb30x0:-:*:*:*:*:*:*:*", "matchCriteriaId": "3CE76F66-9905-4FD5-B13F-17B214CF492D", "vulnerable": false}, {"criteria": "cpe:2.3:h:netgear:vmk3xx0:-:*:*:*:*:*:*:*", "matchCriteriaId": "670513FF-5BD7-493D-8B4B-1F67A0EC49B3", "vulnerable": false}, {"criteria": "cpe:2.3:h:netgear:vms3xx0:-:*:*:*:*:*:*:*", "matchCriteriaId": "786C64D4-33DE-4B12-89CC-1A52E9304328", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:arlo_q_camera_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "55232F11-1DFE-4896-B3C1-BA20BA2EC2B6", "versionEndIncluding": "1.8.0_5551", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:vmc3040:-:*:*:*:*:*:*:*", "matchCriteriaId": "738FF594-37EF-44C5-AD2A-64A128259AF7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:arlo_q_plus_camera_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F99E0CEE-1472-4237-8F0F-34404A51F592", "versionEndIncluding": "1.8.1_6094", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:vmc3040s:-:*:*:*:*:*:*:*", "matchCriteriaId": "25875C09-1C48-4A95-8211-85C357A19255", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration."}, {"lang": "es", "value": "Estaciones base NETGEAR Arlo con firmware 1.7.5_6178 y versiones anteriores, dispositivos Arlo Q con firmware 1.8.0_5551 y versiones anteriores y dispositivos Arlo Q Plus con firmware 1.8.1_6094 y versiones anteriores tienen una contrase\u00f1a por defecto de 12345678, lo que facilita a atacantes remotos obtener acceso tras un reseteo de f\u00e1brica o en una configuraci\u00f3n de f\u00e1brica."}], "id": "CVE-2016-10115", "lastModified": "2017-01-11T20:10:28.617", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-04T08:59:00.147", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://blog.newskysecurity.com/2016/09/factory_reset_vuln_in_netgear_arlo/"}, {"source": "cve@mitre.org", "tags": ["Mitigation", "Vendor Advisory"], "url": "http://kb.netgear.com/30731/Arlo-WiFi-Default-Password-Security-Vulnerability"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95265"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}]}