CVE-2021-44414
Description
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. The condition is triggered when the DelUser param is not an object. An attacker can send an HTTP request to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Reolink RLC-410W camera firmware v3.0.0.136_20121102 has a DoS vulnerability in the JSON command parser of cgiserver.cgi that can be triggered by a crafted HTTP request causing a reboot.
Vulnerability
The denial of service vulnerability exists in the JSON command parser functionality of cgiserver.cgi on Reolink RLC-410W running firmware version 3.0.0.136_20121102. Specifically, the DelUser parameter is expected to be an object but is not properly validated, leading to a crash of the cgiserver.cgi process and a subsequent device reboot. The affected firmware version is v3.0.0.136_20121102 [1].
Exploitation
An attacker can exploit this vulnerability by sending a specially-crafted HTTP request to the camera's web interface. No authentication is required, and the attack can be performed over the network. The attacker does not need any special privileges or user interaction [1].
Impact
Successful exploitation causes the cgiserver.cgi process to be killed, resulting in an immediate reboot of the device. This constitutes a denial of service (DoS) condition, as the camera becomes temporarily unavailable. The impact is to availability only, with no confidentiality or integrity impact. The CVSSv3 score is 8.6 (High) with vector AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H [1].
Mitigation
As of the publication date (2022-01-28), Reolink has not released a firmware update addressing this vulnerability. Users should monitor vendor advisories for patches. No workaround is described in the available references [1]. If a fix becomes available, it should be applied immediately to mitigate the risk.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- reolink/RLC-410W
Patches
No patches discovered yet.
References
[1] talosintelligence.com/vulnerability_reports/TALOS-2021-1421 (mitre, x_refsource_MISC)