Vulnerabilities > CVE-2021-40419 - Unspecified vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

reolink

NVD

Published: 2022-01-28

Updated: 2022-09-30

Summary

A firmware update vulnerability exists in the 'factory' binary of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted series of network requests can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability.

Vulnerable Configurations

Part	Description	Count
OS	Reolink Reolink RLC 410W Firmware 3.0.0.136_20121102	1
Hardware	Reolink Reolink RLC 410W -	1

References

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1428