Filtered by vendor Reolink
Subscribe
Total
92 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-44400 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetPtzPatrol param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44407 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. TestEmail param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44417 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetAlarm param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44383 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetAutoUpgrade param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44385 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPtzSerial param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-40406 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi session creation functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to prevent users from logging in. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44399 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetPtzPreset param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-40419 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| A firmware update vulnerability exists in the 'factory' binary of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted series of network requests can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2021-44402 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetPtzSerial param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44384 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPtzTattern param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44359 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetCrop param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44365 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetDevName param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44403 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetPtzTattern param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44393 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetIsp param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44401 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. PtzCtrl param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-40413 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.5 MEDIUM | 7.1 HIGH |
| An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. The UpgradePrepare is the API that checks if a provided filename identifies a new version of the RLC-410W firmware. If the version is new, it would be possible, allegedly, to later on perform the Upgrade. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44378 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetEnc param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44410 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. UpgradePrepare param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44363 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPush param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2021-44396 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. Preview param is not object. An attacker can send an HTTP request to trigger this vulnerability. | |||||