Vulnerabilities > Reolink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2021-40416 | Incorrect Default Permissions vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. | 8.8 |
| 2022-01-28 | CVE-2021-40419 | Unspecified vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A firmware update vulnerability exists in the 'factory' binary of reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-28 | CVE-2021-40423 | Improper Input Validation vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A denial of service vulnerability exists in the cgiserver.cgi API command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-28 | CVE-2022-21134 | Improper Verification of Cryptographic Signature vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A firmware update vulnerability exists in the "update" firmware checks functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-28 | CVE-2022-21199 | Use of Hard-coded Credentials vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W v3.0.0.136_20121102. | 5.9 |
| 2022-01-28 | CVE-2022-21217 | Out-of-bounds Write vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC-410W v3.0.0.136_20121102. | 9.8 |
| 2022-01-28 | CVE-2022-21236 | Files or Directories Accessible to External Parties vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-28 | CVE-2022-21796 | Out-of-bounds Write vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A memory corruption vulnerability exists in the netserver parse_command_list functionality of reolink RLC-410W v3.0.0.136_20121102. | 8.2 |
| 2022-01-28 | CVE-2022-21801 | Integer Overflow or Wraparound vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A denial of service vulnerability exists in the netserver recv_command functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2021-01-26 | CVE-2020-25173 | Use of Hard-coded Credentials vulnerability in Reolink products An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access | 7.8 |