VYPR

E1 Zoom camera

by Reolink

CVEs (2)

  • CVE-2021-40149Jul 17, 2022
    risk 0.05cvss epss 0.06

    The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.

  • CVE-2021-40150Jul 17, 2022
    risk 0.03cvss epss 0.03

    The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or…