VYPR
Unrated severity · NVD Advisory · Published Apr 14, 2022 · Updated Apr 15, 2025

CVE-2021-44375

Description

Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A denial-of-service vulnerability in Reolink RLC-410W cameras allows unauthenticated remote attackers to reboot the device via a crafted HTTP request to the cgiserver.cgi JSON parser.

Vulnerability

The Reolink RLC-410W WiFi camera (firmware version v3.0.0.136_20121102) contains an improper input validation vulnerability (CWE-20) in the cgiserver.cgi JSON command parser. The device exposes a reboot API that is intended for administrator use only, but due to missing authentication checks, an unauthenticated attacker can send a specially crafted HTTP request that kills the cgiserver.cgi process, causing the device to reboot [1].

Exploitation

An attacker can exploit this vulnerability by sending a single, specially-crafted HTTP request to the camera's cgiserver.cgi endpoint. No authentication or prior access is required. The request triggers a fatal error in the JSON parser, which terminates the cgiserver.cgi process and forces the device to reboot [1].

Impact

Successful exploitation results in a denial of service (DoS) condition: the camera reboots, temporarily losing video recording and network connectivity. The CVSSv3 score is 8.6 (High) with vector AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H, indicating no confidentiality or integrity impact but high availability impact [1].

Mitigation

As of the publication date (2022-04-14), no firmware update or workaround has been disclosed in the available reference [1]. Users should monitor the vendor's advisory for a patched version and consider network-level access controls (e.g., firewall rules) to limit exposure to trusted networks only.

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Reolink/RLC-410W (llm-fuzzy), 2 versions
    = 3.0.0.136_20121102 (+ 1 more)
    • (no CPE) range: = 3.0.0.136_20121102
    • (no CPE) range: v3.0.0.136_20121102

Patches

0

No patches discovered yet.

References

1
