VYPR
Unrated severity · NVD Advisory · Published Jan 28, 2022 · Updated Apr 15, 2025

CVE-2021-44374

Description

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. The issue arises when the SetMask param is not an object. An attacker can send an HTTP request to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A denial of service vulnerability in Reolink RLC-410W firmware v3.0.0.136_20121102 allows an unauthenticated attacker to reboot the device via a crafted HTTP request to cgiserver.cgi.

Vulnerability

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser of Reolink RLC-410W firmware v3.0.0.136_20121102 [1]. The parser fails to validate the SetMask parameter as an object, allowing a specially-crafted HTTP request to trigger a reboot [1]. This is classified as CWE-20: Improper Input Validation [1].
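The missing type check, written as a filter that a proxy in front of the camera could apply before forwarding a request. This is an added example, not Reolink's code and not taken from the advisory. It assumes the request body is a JSON array of command objects with a string `cmd` and an object-valued `param`, a shape the page does not spell out; `check_commands` and the sample bodies are hypothetical.

```python
import json

# Assumed request shape (not given on the page): a JSON array of command
# objects, each with a string "cmd" and, optionally, an object-valued "param".
def check_commands(body: bytes, max_commands: int = 16) -> list[str]:
    """Return rejection reasons; an empty list means the body may be forwarded."""
    try:
        doc = json.loads(body)
    except (UnicodeDecodeError, json.JSONDecodeError, RecursionError) as exc:
        return [f"body is not valid JSON: {exc.__class__.__name__}"]
    if not isinstance(doc, list):
        return ["top level must be an array of commands"]
    if len(doc) > max_commands:
        return [f"too many commands ({len(doc)} > {max_commands})"]
    reasons = []
    for i, entry in enumerate(doc):
        if not isinstance(entry, dict):
            reasons.append(f"command {i}: entry is {type(entry).__name__}, not an object")
            continue
        cmd = entry.get("cmd")
        if not isinstance(cmd, str):
            reasons.append(f"command {i}: 'cmd' missing or not a string")
            continue
        # The check the description says is missing: "param" must be an object.
        # An absent "param" passes here; only a wrong type is rejected.
        if "param" in entry and not isinstance(entry["param"], dict):
            kind = type(entry["param"]).__name__
            reasons.append(f"command {i} ({cmd}): 'param' is {kind}, not an object")
    return reasons

# Constructed sample bodies (not captured traffic; inner field is a placeholder).
WELL_FORMED = b'[{"cmd": "SetMask", "param": {"example": 1}}]'
WRONG_TYPE = b'[{"cmd": "SetMask", "param": "x"}]'

if __name__ == "__main__":
    for name, body in (("well-formed", WELL_FORMED), ("wrong type", WRONG_TYPE)):
        print(name, "->", check_commands(body) or "accepted")
```

The check is applied to every command rather than to SetMask alone, so a body is dropped on any type mismatch before it reaches the device's parser.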

Exploitation

An attacker can exploit this vulnerability by sending a crafted HTTP request to the device without requiring authentication [1]. No user interaction or special network position is needed; the attack is over the network and can be performed remotely [1]. The request triggers the vulnerability in the JSON command parser, leading to a reboot [1].

Impact

Successful exploitation causes the device to reboot, resulting in a denial of service [1]. The attacker causes high availability impact, as the camera becomes temporarily unavailable until the reboot completes [1]. The CVSS v3.0 score is 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H), indicating a high-severity issue with no confidentiality or integrity impact [1].

Mitigation

As of the publication date (2022-01-28), no fixed version or workaround was disclosed in the available references [1]. Users should monitor the vendor for firmware updates and restrict network access to the device if possible [1].

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • reolink/RLC-410W [description]
  • Reolink/RLC-410W [llm-fuzzy]
    Range: = v3.0.0.136_20121102

Patches

0

No patches discovered yet.

References

1
