VYPR

Vendor CVEs

Reolink

All CVEs

116 total · sorted by risk
  • CVE-2025-60858HigOct 28, 2025
    risk 0.49cvss 7.5epss 0.00

    Reolink Video Doorbell Wi-Fi DB_566128M5MP_W stores and transmits DDNS credentials in plaintext within its configuration and update scripts, allowing attackers to intercept or extract sensitive information.

  • CVE-2025-60856MedOct 20, 2025
    risk 0.44cvss 6.8epss 0.00

    Reolink Video Doorbell WiFi DB_566128M5MP_W allows root shell access through an unsecured UART/serial console. An attacker with physical access can connect to the exposed interface and execute arbitrary commands with root privileges. NOTE: this is disputed by the Supplier…

  • CVE-2025-55629MedAug 22, 2025
    risk 0.42cvss 6.5epss 0.00

    Insecure permissions in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allow attackers to arbitrarily change other users' passwords via manipulation of the userName value.

  • CVE-2024-48644MedOct 22, 2024
    risk 0.35cvss 5.3epss 0.01

    Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera (Firmware Version v3.0.0.1889_23031701) allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts and potentially…

  • CVE-2025-55627MedAug 22, 2025
    risk 0.34cvss 5.3epss 0.00

    Insufficient privilege verification in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows authenticated attackers to create accounts with elevated privileges.

  • CVE-2025-55626MedAug 22, 2025
    risk 0.34cvss 5.3epss 0.00

    An Insecure Direct Object Reference (IDOR) vulnerability in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows unauthorized attackers to access the Admin-only settings and edit the session storage.

  • CVE-2025-60855MedOct 16, 2025
    risk 0.33cvss 5.1epss 0.00

    Reolink Video Doorbell WiFi DB_566128M5MP_W performs insufficient validation of firmware update signatures. This allows attackers to load malicious firmware images, resulting in arbitrary code execution with root privileges. NOTE: this is disputed by the Supplier because the…

  • CVE-2025-55631MedAug 22, 2025
    risk 0.26cvss 4.0epss 0.00

    Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 was discovered to manage users' sessions system wide instead of an account-by-account basis, potentially leading to a Denial of Service (DoS) via resource exhaustion. NOTE: the Supplier…

  • CVE-2021-40407KEVJan 28, 2022
    risk 0.14cvss epss 0.48

    An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] or [2], based on DDNS type, the ddns->domain variable, that has the value of the domain parameter provided through the SetDdns API, is not…

  • CVE-2019-11001KEVApr 8, 2019
    risk 0.14cvss epss 0.38

    On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field.

  • CVE-2026-4387LowMay 29, 2026
    risk 0.13cvss epss 0.00

    StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\Users\\.sdm\state.kv. The file is…

  • CVE-2021-40149Jul 17, 2022
    risk 0.05cvss epss 0.06

    The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.

  • CVE-2021-40150Jul 17, 2022
    risk 0.03cvss epss 0.03

    The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or…

  • CVE-2021-40412Jan 28, 2022
    risk 0.01cvss epss 0.27

    An OScommand injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [8] the devname variable, that has the value of the name parameter provided through the SetDevName API, is not validated properly. This would lead…

  • CVE-2021-40410Jan 28, 2022
    risk 0.01cvss epss 0.28

    An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [4] the dns_data->dns1 variable, that has the value of the dns1 parameter provided through the SetLocal API, is not validated properly. This…

  • CVE-2025-56799Oct 21, 2025
    risk 0.00cvss epss 0.01

    Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name. NOTE: this is disputed by the Supplier because a crafted folder name would arise only if the local user were attacking himself.

  • CVE-2025-56800Oct 21, 2025
    risk 0.00cvss epss 0.00

    Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned…

  • CVE-2025-56801Oct 21, 2025
    risk 0.00cvss epss 0.00

    The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization Vector (IV) in its AES-CFB encryption implementation allowing attackers with access to the application environment to reliably decrypt encrypted configuration data. NOTE: the Supplier's…

  • CVE-2025-56802Oct 21, 2025
    risk 0.00cvss epss 0.00

    The Reolink desktop application uses a hard-coded and predictable AES encryption key to encrypt user configuration files allowing attackers with local access to decrypt sensitive application data stored in %APPDATA%. A different vulnerability than CVE-2025-56801. NOTE: the…

  • CVE-2025-55619Aug 22, 2025
    risk 0.00cvss epss 0.00

    Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering.

  • CVE-2025-55625Aug 22, 2025
    risk 0.00cvss epss 0.00

    An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior that supports redirection to Alexa URLs, which are not guaranteed to…

  • CVE-2025-55624Aug 22, 2025
    risk 0.00cvss epss 0.00

    An intent redirection vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access internal functions or access non-public components.

  • CVE-2025-55634Aug 22, 2025
    risk 0.00cvss epss 0.00

    Incorrect access control in the RTMP server settings of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows unauthorized attackers to cause a Denial of Service (DoS) via initiating a large number of simultaneous ffmpeg-based stream…

  • CVE-2025-55620Aug 22, 2025
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the valuateJavascript() function of Reolink v4.54.0.4.20250526 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

  • CVE-2025-55637Aug 22, 2025
    risk 0.00cvss epss 0.02

    Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 was discovered to contain a command injection vulnerability via the setddns_pip_system() function.

  • CVE-2025-55623Aug 22, 2025
    risk 0.00cvss epss 0.00

    An issue in the lock screen component of Reolink v4.54.0.4.20250526 allows attackers to bypass authentication via using an ADB (Android Debug Bridge).

  • CVE-2025-55630Aug 22, 2025
    risk 0.00cvss epss 0.00

    A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 when entering the wrong username and password allows attackers to enumerate existing accounts.

  • CVE-2025-55622Aug 22, 2025
    risk 0.00cvss epss 0.00

    Reolink v4.54.0.4.20250526 was discovered to contain a task hijacking vulnerability due to inappropriate taskAffinity settings. NOTE: this is disputed by the Supplier because it is intentional behavior to ensure a predictable user experience.

  • CVE-2025-55621Aug 22, 2025
    risk 0.00cvss epss 0.00

    An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior; the photos are…

  • CVE-2024-48605Oct 22, 2024
    risk 0.00cvss epss 0.01

    An issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the lack of proper validation of the wow64log.dll file.

  • CVE-2022-36263Aug 19, 2022
    risk 0.00cvss epss 0.00

    StreamLabs Desktop Application 1.9.0 is vulnerable to Incorrect Access Control via obs64.exe. An attacker can execute arbitrary code via a crafted .exe file.

  • CVE-2021-44394Apr 14, 2022
    risk 0.00cvss epss 0.02

    Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2021-44375Apr 14, 2022
    risk 0.00cvss epss 0.02

    Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2021-44366Apr 14, 2022
    risk 0.00cvss epss 0.02

    Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2021-44357Apr 14, 2022
    risk 0.00cvss epss 0.02

    Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2021-44356Apr 14, 2022
    risk 0.00cvss epss 0.02

    Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2021-44355Apr 14, 2022
    risk 0.00cvss epss 0.02

    Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2021-44354Apr 14, 2022
    risk 0.00cvss epss 0.02

    Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2021-40405Apr 14, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the cgiserver.cgi Upgrade API functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2021-44419Jan 28, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetMdAlarm param is not object. An attacker can send an HTTP request to trigger this…

  • CVE-2021-44418Jan 28, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetMdState param is not object. An attacker can send an HTTP request to trigger this…

  • CVE-2021-44417Jan 28, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetAlarm param is not object. An attacker can send an HTTP request to trigger this…

  • CVE-2021-44416Jan 28, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. Disconnect param is not object. An attacker can send an HTTP request to trigger this…

  • CVE-2021-44415Jan 28, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. ModifyUser param is not object. An attacker can send an HTTP request to trigger this…

  • CVE-2021-44414Jan 28, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. DelUser param is not object. An attacker can send an HTTP request to trigger this…

  • CVE-2021-44413Jan 28, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. AddUser param is not object. An attacker can send an HTTP request to trigger this…

  • CVE-2021-44412Jan 28, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetRec param is not object. An attacker can send an HTTP request to trigger this…

  • CVE-2021-44407Jan 28, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. TestEmail param is not object. An attacker can send an HTTP request to trigger this…

  • CVE-2021-44406Jan 28, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetAutoFocus param is not object. An attacker can send an HTTP request to trigger this…

  • CVE-2021-44405Jan 28, 2022
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. StartZoomFocus param is not object. An attacker can send an HTTP request to trigger…

Page 1 of 3