CVE-2021-44412
Description
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetRec param is not object. An attacker can send an HTTP request to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A denial of service vulnerability in Reolink RLC-410W camera firmware allows remote, unauthenticated attackers to trigger a reboot via a specially crafted HTTP request to cgiserver.cgi.
Vulnerability
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser of the Reolink RLC-410W wireless security camera running firmware version v3.0.0.136_20121102. Specifically, the parser does not verify that the GetRec parameter is a JSON object before using it, an improper input validation flaw (CWE-20) [1]. When a specially crafted HTTP request is sent to this endpoint, it causes the cgiserver.cgi process to crash and subsequently triggers a device reboot [1]. The vulnerable firmware is used in the RLC-410W model (and potentially other Reolink devices) [1].
Exploitation
An attacker can exploit this vulnerability remotely over the network without any prior authentication or user interaction [1]. The attack complexity is low, and the exploit requires only the ability to send a crafted HTTP request to the camera's web interface (CGI server) [1]. The vulnerable parameter is handled by the JSON command parser; when the GetRec parameter is supplied as something other than the expected object, the parser fails in a way that kills the cgiserver.cgi process, leading to an immediate reboot [1].
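As an added illustration of the CWE-20 pattern described above (example code written for this page, not Reolink's firmware and not taken from the advisory): a minimal JSON command dispatcher with a trusting GetRec handler beside a hardened one. The batch layout `[{"cmd", "action", "param"}]` and the `channel` field are assumptions made for the example.

```python
import json
from typing import Any

# Constructed sample bodies, not captured traffic. The batch shape is an
# assumption about the camera's JSON command API, not stated by the advisory.
WELL_FORMED = '[{"cmd": "GetRec", "action": 1, "param": {"channel": 0}}]'
MALFORMED = '[{"cmd": "GetRec", "action": 1, "param": "not-an-object"}]'

def get_rec_unchecked(param: Any) -> dict:
    """Trusting handler: indexes param as if it were an object. A non-object
    param raises TypeError here; in a native CGI binary the same blind access
    is the kind of defect that ends in a process crash."""
    return {"channel": param["channel"]}

def get_rec_checked(param: Any) -> dict:
    """Hardened handler: refuse anything but a JSON object (the CWE-20 fix)."""
    if not isinstance(param, dict):
        raise ValueError("GetRec: param must be a JSON object")
    return {"channel": param.get("channel", 0)}

HANDLERS = {"GetRec": get_rec_checked}

def dispatch(body: str) -> tuple[int, list]:
    """Run a command batch through checked handlers; bad input -> 400, never a crash."""
    try:
        batch = json.loads(body)
    except json.JSONDecodeError as exc:
        return 400, [f"invalid JSON: {exc.msg}"]
    if not isinstance(batch, list):
        return 400, ["top-level value must be an array of commands"]
    results = []
    for entry in batch:
        cmd = entry.get("cmd") if isinstance(entry, dict) else None
        handler = HANDLERS.get(cmd) if isinstance(cmd, str) else None
        if handler is None:
            return 400, [f"unknown or malformed command {cmd!r}"]
        try:
            results.append(handler(entry.get("param")))
        except ValueError as exc:
            return 400, [str(exc)]
    return 200, results

def unchecked_crashes(body: str) -> bool:
    """True if the trusting handler raises on this batch (the DoS condition)."""
    try:
        for entry in json.loads(body):
            get_rec_unchecked(entry.get("param"))
        return False
    except TypeError:
        return True
```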
Impact
Successful exploitation results in a denial of service condition where the camera becomes unresponsive and reboots, temporarily disrupting its surveillance functions [1]. The vulnerability has a CVSSv3 score of 8.6 (High) with no impact on confidentiality or integrity, but a high availability impact [1]. The scope is changed because the availability loss can affect an entire network segment if the camera is part of a security system [1].
Mitigation
As of the time of publication, Reolink has not released a patched firmware version for the RLC-410W [1]. No workarounds, such as disabling the CGI interface or restricting network access, are documented, because the feature is part of the core camera management functionality [1]. Users should monitor vendor advisories for updates and consider placing the camera behind a firewall or VPN to limit its exposure to untrusted networks [1]. This issue is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
References
[1] Talos Intelligence Group, "TALOS-2021-1421" advisory, https://talosintelligence.com/vulnerability_reports/TALOS-2021-1421
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
reolink/RLC-410W
Patches
No patches discovered yet.