VYPR
Unrated severity · NVD Advisory · Published Jan 28, 2022 · Updated Apr 15, 2025

CVE-2021-44365


Description

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetDevName param is not object. An attacker can send an HTTP request to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A denial of service vulnerability in reolink RLC-410W cameras allows unauthenticated remote attackers to reboot the device with a crafted HTTP request to cgiserver.cgi in which the SetDevName param is not an object.

Vulnerability

A denial of service vulnerability exists in the JSON command parser functionality of cgiserver.cgi in reolink RLC-410W firmware version v3.0.0.136_20121102. The parser does not properly validate the SetDevName param when it is not an object, causing the cgiserver.cgi process to crash and trigger a device reboot. No authentication is required to reach this vulnerable code path. [1]

Exploitation

An attacker with network access to the camera can send a specially-crafted HTTP request that supplies a non-object value to the SetDevName parameter. The request does not require any prior authentication or user interaction. The crash of cgiserver.cgi leads to the device rebooting. [1]

Impact

Successful exploitation results in a denial of service condition, causing the camera to reboot and become temporarily unavailable. The reboot primarily affects availability, with no direct impact on confidentiality or integrity. The provided CVSSv3 score is 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H), indicating a high-severity impact on availability with changed scope. [1]

Mitigation

As of the publication date (2022-01-28), no patched firmware version has been disclosed in the available references. Users should monitor the vendor's advisory for a fix and restrict network access to the camera's management interface to trusted networks only. [1]

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • reolink/RLC-410W · description
  • Reolink/RLC-410W · llm-fuzzy
    Range: = v3.0.0.136_20121102

Patches

0

No patches discovered yet.


References

1
