CVE-2021-44392

Vulnerability

The vulnerability resides in the JSON command parser of cgiserver.cgi on the reolink RLC-410W wireless security camera running firmware version v3.0.0.136_20121102. The parser fails to properly validate the GetImage parameter when it is not provided as an object, leading to a crash of the cgiserver.cgi process. This condition is reachable without any prior authentication or special configuration [1].

Exploitation

An attacker with network access to the camera can send a specially-crafted HTTP request to the vulnerable endpoint. The request must include a malformed GetImage parameter that is not an object (e.g., a string or integer). No authentication is required, and no user interaction is needed. The request triggers the parsing flaw, causing cgiserver.cgi to terminate and the device to reboot [1].

Impact

Successful exploitation results in a denial of service (DoS) condition: the camera reboots, interrupting video surveillance and other functionality until the device completes its boot cycle. There is no impact on confidentiality or integrity, but availability is fully compromised during the reboot [1].

Mitigation

As of the publication date of this advisory, no official fix or workaround has been disclosed in the available references. Users should monitor the vendor's support channels for firmware updates. The affected version v3.0.0.136_20121102 may be end-of-life; contacting reolink for a patched release is recommended [1].