VYPR
Vendor

Reolink

Products
12
CVEs
116
Across products
119
Status
Private

Products

12

Recent CVEs

116
View all 116 CVEs →
  • CVE-2025-60858HigOct 28, 2025
    risk 0.49cvss 7.5epss 0.00

    Reolink Video Doorbell Wi-Fi DB_566128M5MP_W stores and transmits DDNS credentials in plaintext within its configuration and update scripts, allowing attackers to intercept or extract sensitive information.

  • CVE-2025-60856MedOct 20, 2025
    risk 0.44cvss 6.8epss 0.00

    Reolink Video Doorbell WiFi DB_566128M5MP_W allows root shell access through an unsecured UART/serial console. An attacker with physical access can connect to the exposed interface and execute arbitrary commands with root privileges. NOTE: this is disputed by the Supplier…

  • CVE-2025-55629MedAug 22, 2025
    risk 0.42cvss 6.5epss 0.00

    Insecure permissions in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allow attackers to arbitrarily change other users' passwords via manipulation of the userName value.

  • CVE-2024-48644MedOct 22, 2024
    risk 0.35cvss 5.3epss 0.01

    Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera (Firmware Version v3.0.0.1889_23031701) allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts and potentially…

  • CVE-2025-55627MedAug 22, 2025
    risk 0.34cvss 5.3epss 0.00

    Insufficient privilege verification in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows authenticated attackers to create accounts with elevated privileges.

  • CVE-2025-55626MedAug 22, 2025
    risk 0.34cvss 5.3epss 0.00

    An Insecure Direct Object Reference (IDOR) vulnerability in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows unauthorized attackers to access the Admin-only settings and edit the session storage.

  • CVE-2025-60855MedOct 16, 2025
    risk 0.33cvss 5.1epss 0.00

    Reolink Video Doorbell WiFi DB_566128M5MP_W performs insufficient validation of firmware update signatures. This allows attackers to load malicious firmware images, resulting in arbitrary code execution with root privileges. NOTE: this is disputed by the Supplier because the…

  • CVE-2025-55631MedAug 22, 2025
    risk 0.26cvss 4.0epss 0.00

    Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 was discovered to manage users' sessions system wide instead of an account-by-account basis, potentially leading to a Denial of Service (DoS) via resource exhaustion. NOTE: the Supplier…

  • CVE-2021-40407KEVJan 28, 2022
    risk 0.14cvss epss 0.48

    An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] or [2], based on DDNS type, the ddns->domain variable, that has the value of the domain parameter provided through the SetDdns API, is not…

  • CVE-2019-11001KEVApr 8, 2019
    risk 0.14cvss epss 0.38

    On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field.

  • CVE-2026-4387LowMay 29, 2026
    risk 0.13cvss epss 0.00

    StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\Users\\.sdm\state.kv. The file is…

  • CVE-2021-40149Jul 17, 2022
    risk 0.05cvss epss 0.06

    The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.

  • CVE-2021-40150Jul 17, 2022
    risk 0.03cvss epss 0.03

    The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or…

  • CVE-2021-40412Jan 28, 2022
    risk 0.01cvss epss 0.27

    An OScommand injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [8] the devname variable, that has the value of the name parameter provided through the SetDevName API, is not validated properly. This would lead…

  • CVE-2021-40410Jan 28, 2022
    risk 0.01cvss epss 0.28

    An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [4] the dns_data->dns1 variable, that has the value of the dns1 parameter provided through the SetLocal API, is not validated properly. This…

  • CVE-2025-56799Oct 21, 2025
    risk 0.00cvss epss 0.01

    Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name. NOTE: this is disputed by the Supplier because a crafted folder name would arise only if the local user were attacking himself.

  • CVE-2025-56802Oct 21, 2025
    risk 0.00cvss epss 0.00

    The Reolink desktop application uses a hard-coded and predictable AES encryption key to encrypt user configuration files allowing attackers with local access to decrypt sensitive application data stored in %APPDATA%. A different vulnerability than CVE-2025-56801. NOTE: the…

  • CVE-2025-56801Oct 21, 2025
    risk 0.00cvss epss 0.00

    The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization Vector (IV) in its AES-CFB encryption implementation allowing attackers with access to the application environment to reliably decrypt encrypted configuration data. NOTE: the Supplier's…

  • CVE-2025-56800Oct 21, 2025
    risk 0.00cvss epss 0.00

    Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned…

  • CVE-2025-55620Aug 22, 2025
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the valuateJavascript() function of Reolink v4.54.0.4.20250526 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.