Vulnerabilities > Reolink > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2021-40410 | OS Command Injection vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. | 6.5 |
| 2022-01-28 | CVE-2021-40411 | OS Command Injection vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. | 6.5 |
| 2022-01-28 | CVE-2021-40412 | OS Command Injection vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An OScommand injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. | 6.5 |
| 2022-01-28 | CVE-2021-40413 | Incorrect Default Permissions vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. | 6.5 |
| 2022-01-28 | CVE-2021-40414 | Incorrect Default Permissions vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. | 5.5 |
| 2022-01-28 | CVE-2021-40415 | Incorrect Default Permissions vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. | 6.5 |
| 2022-01-28 | CVE-2022-21134 | Improper Verification of Cryptographic Signature vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A firmware update vulnerability exists in the "update" firmware checks functionality of reolink RLC-410W v3.0.0.136_20121102. | 5.0 |
| 2022-01-28 | CVE-2022-21199 | Use of Hard-coded Credentials vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W v3.0.0.136_20121102. | 4.3 |
| 2022-01-28 | CVE-2022-21236 | Files or Directories Accessible to External Parties vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. | 5.0 |
| 2021-01-26 | CVE-2020-25173 | Use of Hard-coded Credentials vulnerability in Reolink products An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access | 4.6 |