CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 1CVE-2021-44364
https://notcve.org/view.php?id=CVE-2021-44364
28 Jan 2022 — A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetWifi param is not object. An attacker can send an HTTP request to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio en la funcionalidad JSON command parser del archivo cgiserver.cgi de reolink RLC-410W versión v3.0.0.136_20121102. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1421 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 1CVE-2021-44363
https://notcve.org/view.php?id=CVE-2021-44363
28 Jan 2022 — A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPush param is not object. An attacker can send an HTTP request to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio en la funcionalidad JSON command parser del archivo cgiserver.cgi de reolink RLC-410W versión v3.0.0.136_20121102. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1421 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 1CVE-2021-44362
https://notcve.org/view.php?id=CVE-2021-44362
28 Jan 2022 — A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetCloudSchedule param is not object. An attacker can send an HTTP request to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio en la funcionalidad JSON command parser del archivo cgiserver.cgi de reolink RLC-410W versión v3.0.0.136_20121102. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1421 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 1CVE-2021-44360
https://notcve.org/view.php?id=CVE-2021-44360
28 Jan 2022 — A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetNorm param is not object. An attacker can send an HTTP request to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio en la funcionalidad JSON command parser del archivo cgiserver.cgi de reolink RLC-410W versión v3.0.0.136_20121102. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1421 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 1CVE-2021-44361
https://notcve.org/view.php?id=CVE-2021-44361
28 Jan 2022 — A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. Set3G param is not object. An attacker can send an HTTP request to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio en la funcionalidad JSON command parser del archivo cgiserver.cgi de reolink RLC-410W versión v3.0.0.136_20121102. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1421 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 1CVE-2021-44359
https://notcve.org/view.php?id=CVE-2021-44359
28 Jan 2022 — A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetCrop param is not object. An attacker can send an HTTP request to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio en la funcionalidad JSON command parser del archivo cgiserver.cgi de reolink RLC-410W versión v3.0.0.136_20121102. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1421 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 1CVE-2021-44358
https://notcve.org/view.php?id=CVE-2021-44358
28 Jan 2022 — A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetRec param is not object. An attacker can send an HTTP request to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio en la funcionalidad JSON command parser del archivo cgiserver.cgi de reolink RLC-410W versión v3.0.0.136_20121102. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1421 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2021-40412
https://notcve.org/view.php?id=CVE-2021-40412
28 Jan 2022 — An OScommand injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [8] the devname variable, that has the value of the name parameter provided through the SetDevName API, is not validated properly. This would lead to an OS command injection. Se presenta una vulnerabilidad de inyección de comandos del Sistema Operativo en la funcionalidad device network settings del dispositivo de reolink RLC-410W versión v3.0.0.136_20121102. En [8] la variabl... • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1424 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2021-40410
https://notcve.org/view.php?id=CVE-2021-40410
28 Jan 2022 — An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [4] the dns_data->dns1 variable, that has the value of the dns1 parameter provided through the SetLocal API, is not validated properly. This would lead to an OS command injection. Se presenta una vulnerabilidad de inyección de comandos del Sistema Operativo en la funcionalidad device network settings del dispositivo reolink RLC-410W versión v3.0.0.136_20121102. En [4] la vari... • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1424 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2021-40411
https://notcve.org/view.php?id=CVE-2021-40411
28 Jan 2022 — An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [6] the dns_data->dns2 variable, that has the value of the dns2 parameter provided through the SetLocalLink API, is not validated properly. This would lead to an OS command injection. Se presenta una vulnerabilidad de inyección de comandos del Sistema Operativo en la funcionalidad device network settings del dispositivo reolink RLC-410W versión v3.0.0.136_20121102. En [6] la ... • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1424 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •