What the vulnerability does
01Description
Path Traversal: '.../...//' vulnerability in Frenify Arlo arlo allows PHP Local File Inclusion.This issue affects Arlo: from n/a through <= 6.0.3.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Path Traversal: '.../...//' vulnerability in Frenify Arlo arlo allows PHP Local File Inclusion.This issue affects Arlo: from n/a through <= 6.0.3.
Explanation of Vulnerability in Simple Terms
Arlo versions 6.0.3 and earlier contain a vulnerability that allows an attacker to read sensitive data, modify information, or disrupt service. The attack requires network access and significant technical effort but no authentication or user interaction. All versions from 0 through 6.0.3 are affected.
What an attacker can do
Read sensitive data, modify information, or disrupt the service without authentication.
Potential impact on your site
If Arlo is deployed in your infrastructure, attackers can access, modify, or disable it remotely.
Conditions required to exploit
Network access and significant technical effort; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities