Vulnerabilities > Reolink > RLC 410W Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2021-40423 | Improper Input Validation vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A denial of service vulnerability exists in the cgiserver.cgi API command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. | 7.8 |
| 2022-01-28 | CVE-2022-21134 | Improper Verification of Cryptographic Signature vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A firmware update vulnerability exists in the "update" firmware checks functionality of reolink RLC-410W v3.0.0.136_20121102. | 5.0 |
| 2022-01-28 | CVE-2022-21199 | Use of Hard-coded Credentials vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W v3.0.0.136_20121102. | 4.3 |
| 2022-01-28 | CVE-2022-21217 | Out-of-bounds Write vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC-410W v3.0.0.136_20121102. | 9.8 |
| 2022-01-28 | CVE-2022-21236 | Files or Directories Accessible to External Parties vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. | 5.0 |
| 2022-01-28 | CVE-2022-21796 | Out-of-bounds Write vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A memory corruption vulnerability exists in the netserver parse_command_list functionality of reolink RLC-410W v3.0.0.136_20121102. | 8.2 |
| 2022-01-28 | CVE-2022-21801 | Integer Overflow or Wraparound vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A denial of service vulnerability exists in the netserver recv_command functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.8 |
| 2019-04-08 | CVE-2019-11001 | OS Command Injection vulnerability in Reolink products On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field. | 9.0 |