CVE-2020-25169
Reolink P2P Cameras
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds.
Los productos P2P de Reolink afectados no protegen suficientemente los datos transferidos entre el dispositivo local y los servidores de Reolink. Esto puede permitir a un atacante acceder a información confidencial, tales como imágenes de cámaras
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-09-04 CVE Reserved
- 2021-01-26 CVE Published
- 2024-09-16 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-319: Cleartext Transmission of Sensitive Information
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Reolink Search vendor "Reolink" | Rln8-410 Firmware Search vendor "Reolink" for product "Rln8-410 Firmware" | - | - |
Affected
| in | Reolink Search vendor "Reolink" | Rln8-410 Search vendor "Reolink" for product "Rln8-410" | - | - |
Safe
|
| Reolink Search vendor "Reolink" | Rlc-422 Firmware Search vendor "Reolink" for product "Rlc-422 Firmware" | - | - |
Affected
| in | Reolink Search vendor "Reolink" | Rlc-422 Search vendor "Reolink" for product "Rlc-422" | - | - |
Safe
|
| Reolink Search vendor "Reolink" | Rlc-510a Firmware Search vendor "Reolink" for product "Rlc-510a Firmware" | - | - |
Affected
| in | Reolink Search vendor "Reolink" | Rlc-510a Search vendor "Reolink" for product "Rlc-510a" | - | - |
Safe
|
| Reolink Search vendor "Reolink" | Rlc-410 Firmware Search vendor "Reolink" for product "Rlc-410 Firmware" | - | - |
Affected
| in | Reolink Search vendor "Reolink" | Rlc-410 Search vendor "Reolink" for product "Rlc-410" | - | - |
Safe
|
| Reolink Search vendor "Reolink" | Rlc-423s Firmware Search vendor "Reolink" for product "Rlc-423s Firmware" | - | - |
Affected
| in | Reolink Search vendor "Reolink" | Rlc-423s Search vendor "Reolink" for product "Rlc-423s" | - | - |
Safe
|
| Reolink Search vendor "Reolink" | Rlc-423 Firmware Search vendor "Reolink" for product "Rlc-423 Firmware" | - | - |
Affected
| in | Reolink Search vendor "Reolink" | Rlc-423 Search vendor "Reolink" for product "Rlc-423" | - | - |
Safe
|
| Reolink Search vendor "Reolink" | Rlc-520a Firmware Search vendor "Reolink" for product "Rlc-520a Firmware" | - | - |
Affected
| in | Reolink Search vendor "Reolink" | Rlc-520a Search vendor "Reolink" for product "Rlc-520a" | - | - |
Safe
|