CVE-2021-44378
Description
A denial-of-service vulnerability exists in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially crafted HTTP request in which the SetEnc param is not an object can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2021-44378: A denial-of-service vulnerability in Reolink RLC-410W cgiserver.cgi allows an unauthenticated attacker to cause a device reboot via a crafted HTTP request in which the SetEnc param is not a JSON object.
Vulnerability
The Reolink RLC-410W wireless security camera running firmware version v3.0.0.136_20121102 contains a denial-of-service vulnerability in the cgiserver.cgi JSON command parser. Specifically, the SetEnc parameter is not validated as an object, allowing a specially crafted HTTP request to cause the cgiserver.cgi process to crash, leading to an immediate device reboot. This vulnerability is classified as CWE-20 (Improper Input Validation) and is accessible without authentication. [1]
Exploitation
An unauthenticated attacker with network access to the camera can send a specially crafted HTTP request to the cgiserver.cgi endpoint. The attack requires no user interaction or special privileges. By supplying a malformed JSON value for the SetEnc parameter (which the parser expects to be an object but receives something else), the attacker triggers a NULL pointer dereference or similar condition that kills the cgiserver.cgi process, causing the device to reboot. [1]
Impact
Successful exploitation results in a denial-of-service condition where the camera immediately reboots. This interrupts surveillance and recording capabilities until the device completes its reboot cycle (typically a few minutes). The impact is limited to availability; there is no confidentiality or integrity compromise. The CVSS v3.0 score is 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H). [1]
Mitigation
As of the publication date (2022-01-28), no firmware update has been released by Reolink to address this vulnerability. Users should restrict network access to the camera to trusted hosts only, ensure the device is not exposed to the public internet, and monitor vendor updates for a patched firmware version. If a fix becomes available, apply it immediately. This CVE is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date. [1]
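One way to enforce the missing object check in front of the camera (for example in a reverse proxy on the trusted network segment) is sketched below; it is an added example, not code from Reolink or the cited advisory, and it applies the check to every command entry rather than only SetEnc. The request envelope (a JSON array of entries with `cmd` and `param` members), the `check_command_body` name and the size cap are assumptions.

```python
import json

MAX_BODY = 64 * 1024  # assumed size cap for a command body


def check_command_body(raw: bytes):
    """Return (ok, reason); ok is False when the body must not be forwarded."""
    if len(raw) > MAX_BODY:
        return False, "body too large"
    try:
        doc = json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, ValueError, RecursionError):
        return False, "not valid JSON"
    # Assumed envelope (not stated on the page): a JSON array of command
    # entries, each an object with a "cmd" string and a "param" member.
    entries = doc if isinstance(doc, list) else [doc]
    if not entries:
        return False, "empty command list"
    for i, entry in enumerate(entries):
        if not isinstance(entry, dict):
            return False, f"entry {i}: not an object"
        cmd = entry.get("cmd")
        if not isinstance(cmd, str) or not cmd:
            return False, f"entry {i}: missing cmd"
        # The validation the page says is absent: param must be an object.
        if "param" in entry and not isinstance(entry["param"], dict):
            kind = type(entry["param"]).__name__
            return False, f"entry {i} ({cmd}): param is {kind}, expected object"
    return True, "ok"


# Constructed sample bodies (the inner field name is illustrative only).
SAMPLES = [
    b'[{"cmd": "SetEnc", "action": 0, "param": {"channel": 0}}]',
    b'[{"cmd": "SetEnc", "action": 0, "param": "text"}]',
    b'[{"cmd": "SetEnc", "action": 0, "param": null}]',
    b'not json',
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(check_command_body(body), body)
```

Rejected bodies should be answered by the proxy itself and logged with the source address, since repeated rejections from one host are a useful detection signal.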
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- reolink/RLC-410W
Patches
No patches discovered yet.
References
1. talosintelligence.com/vulnerability_reports/TALOS-2021-1421 (mitre, x_refsource_MISC)