CVE-2021-44368
Description
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. The trigger is a SetNetPort command whose param is not an object. An attacker can send an HTTP request to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The Reolink RLC-410W camera contains an improper input validation vulnerability in its cgiserver.cgi JSON parser that allows an unauthenticated attacker to cause a denial of service through device reboot.
Vulnerability
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser of the Reolink RLC-410W camera, specifically in firmware version v3.0.0.136_20121102, which is the version confirmed as tested. The parser does not properly validate the SetNetPort parameter when it is not provided as a JSON object. The vulnerability is classified as CWE-20 (Improper Input Validation). [1]
Exploitation
An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the camera's cgiserver.cgi service. No authentication is required, and the attack can be performed over the network without any user interaction. The crafted request triggers the JSON parser to mishandle the SetNetPort parameter, which causes the cgiserver.cgi process to terminate, leading to a device reboot. [1]
Impact
Successful exploitation results in a denial of service condition where the camera reboots. The CVSSv3 score is 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H), indicating high availability impact with no confidentiality or integrity loss. The reboot can interrupt surveillance operations until the device completes its boot cycle. [1]
Mitigation
As of the publication date of the advisory, no fix has been disclosed by the vendor for the tested firmware version v3.0.0.136_20121102. Users should monitor for firmware updates from Reolink and apply them when available. In the interim, restricting network access to the camera's administrative interface (e.g., via firewall rules) can reduce exposure. [1]
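One way to apply the missing type check outside the device, as an added example (not code from Reolink, Talos or this page): a filter that a reverse proxy in front of the camera could call on each request body, failing closed when the SetNetPort param is not a JSON object. The `cmd` and `param` key names and the list-of-commands layout are assumptions about the request format, and the sample bodies are constructed.

```python
import json

GUARDED_CMD = "SetNetPort"  # command named in the CVE description


def check_body(raw: bytes) -> tuple[bool, str]:
    """Return (allow, reason) for one HTTP request body bound for the camera."""
    try:
        doc = json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, ValueError, RecursionError):
        return False, "body is not valid UTF-8 JSON"
    # Assumed layout: one command object, or a list of command objects.
    commands = doc if isinstance(doc, list) else [doc]
    for i, entry in enumerate(commands):
        if not isinstance(entry, dict):
            return False, f"command {i} is not a JSON object"
        if entry.get("cmd") != GUARDED_CMD:
            continue  # other commands are out of scope for this filter
        param = entry.get("param")
        if not isinstance(param, dict):
            # Missing, null, string, number or array: never forward it.
            kind = type(param).__name__
            return False, f"command {i}: {GUARDED_CMD} param is {kind}, not object"
    return True, "ok"


# Constructed request bodies (not captured traffic); field contents are placeholders.
SAMPLES = [
    b'[{"cmd": "SetNetPort", "param": {"example": 1}}]',
    b'[{"cmd": "SetNetPort", "param": "x"}]',
    b'[{"cmd": "SetNetPort", "param": [1]}]',
    b'[{"cmd": "SetNetPort"}]',
    b'[{"cmd": "OtherCmd", "param": 5}]',
    b'not json',
]

if __name__ == "__main__":
    for body in SAMPLES:
        allow, reason = check_body(body)
        print("ALLOW" if allow else "BLOCK", body.decode(), "->", reason)
```

Blocked requests are worth logging with the source address, since a non-object SetNetPort param has no legitimate use.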
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- reolink/RLC-410W (description)
Patches
No patches discovered yet.
References
[1] talosintelligence.com/vulnerability_reports/TALOS-2021-1421 (mitre, x_refsource_MISC)