CVE-2021-44384

Vulnerability

The vulnerability exists in the cgiserver.cgi JSON command parser of reolink RLC-410W firmware version v3.0.0.136_20121102. The SetPtzTattern parameter is not validated as an object, leading to improper input validation (CWE-20). A specially-crafted HTTP request can trigger a denial of service condition, causing the cgiserver.cgi process to terminate and the device to reboot. [1]

Exploitation

An attacker can exploit this vulnerability remotely without authentication by sending a crafted HTTP request to the camera's web interface. The attacker does not need any special network position beyond network access to the device. The request includes a malformed JSON payload for the SetPtzTattern parameter that is not an object, which causes the parser to fail and kill the cgiserver.cgi process. [1]

Impact

Successful exploitation results in a denial of service condition: the camera reboots, interrupting its operation. The impact is limited to availability (CIA: A), with no confidentiality or integrity compromise. The CVSSv3 score is 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H). [1]

Mitigation

As of the publication date (2022-01-28), no firmware update has been released to address this vulnerability. Users should monitor the vendor's website for updates. No workaround is documented. The device is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog. [1]