Vulnerabilities > Reolink > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2021-40412 | OS Command Injection vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An OScommand injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.2 |
| 2022-01-28 | CVE-2021-40413 | Incorrect Default Permissions vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.1 |
| 2022-01-28 | CVE-2021-40414 | Incorrect Default Permissions vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.1 |
| 2022-01-28 | CVE-2021-40416 | Incorrect Default Permissions vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. | 8.8 |
| 2022-01-28 | CVE-2021-40419 | Unspecified vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A firmware update vulnerability exists in the 'factory' binary of reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-28 | CVE-2021-40423 | Improper Input Validation vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A denial of service vulnerability exists in the cgiserver.cgi API command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-28 | CVE-2022-21134 | Improper Verification of Cryptographic Signature vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A firmware update vulnerability exists in the "update" firmware checks functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-28 | CVE-2022-21236 | Files or Directories Accessible to External Parties vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-28 | CVE-2022-21796 | Out-of-bounds Write vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A memory corruption vulnerability exists in the netserver parse_command_list functionality of reolink RLC-410W v3.0.0.136_20121102. | 8.2 |
| 2022-01-28 | CVE-2022-21801 | Integer Overflow or Wraparound vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A denial of service vulnerability exists in the netserver recv_command functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.5 |