Vulnerabilities > Reolink > RLC 410W Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2021-40413 | Incorrect Default Permissions vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.1 |
| 2022-01-28 | CVE-2021-40414 | Incorrect Default Permissions vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.1 |
| 2022-01-28 | CVE-2021-40416 | Incorrect Default Permissions vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. | 8.8 |
| 2022-01-28 | CVE-2021-40419 | Unspecified vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A firmware update vulnerability exists in the 'factory' binary of reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-28 | CVE-2021-40423 | Improper Input Validation vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A denial of service vulnerability exists in the cgiserver.cgi API command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-28 | CVE-2022-21134 | Improper Verification of Cryptographic Signature vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A firmware update vulnerability exists in the "update" firmware checks functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-28 | CVE-2022-21236 | Files or Directories Accessible to External Parties vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-28 | CVE-2022-21796 | Out-of-bounds Write vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A memory corruption vulnerability exists in the netserver parse_command_list functionality of reolink RLC-410W v3.0.0.136_20121102. | 8.2 |
| 2022-01-28 | CVE-2022-21801 | Integer Overflow or Wraparound vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A denial of service vulnerability exists in the netserver recv_command functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2019-04-08 | CVE-2019-11001 | OS Command Injection vulnerability in Reolink products On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field. | 7.2 |