Vulnerabilities > Reolink > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-17 | CVE-2021-40149 | Files or Directories Accessible to External Parties vulnerability in Reolink E1 Zoom Firmware 3.0.0.716 The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. | 5.9 |
| 2022-04-14 | CVE-2021-40405 | Improper Resource Shutdown or Release vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A denial of service vulnerability exists in the cgiserver.cgi Upgrade API functionality of Reolink RLC-410W v3.0.0.136_20121102. | 6.5 |
| 2022-01-28 | CVE-2021-40404 | Improper Authentication vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An authentication bypass vulnerability exists in the cgiserver.cgi Login functionality of reolink RLC-410W v3.0.0.136_20121102. | 6.5 |
| 2022-01-28 | CVE-2021-40415 | Incorrect Default Permissions vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. | 6.5 |
| 2022-01-28 | CVE-2022-21199 | Use of Hard-coded Credentials vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W v3.0.0.136_20121102. | 5.9 |