HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2022-21236

CVSS 7.5v3.1pub. 2022-01-28upd. 2024-11-21

An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Reolink Rlc 410w

    HW
    Reolink
    wszystkie wersje
  • Reolink Rlc 410w Firmware

    OS
    Reolink
    3.0.0.136_20121102
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-21217CRITICAL9.8ten sam produkt

An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC-410W v3.0.0.1...

CVE-2021-40408CRITICAL9.8ten sam produkt

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W ...

CVE-2021-40409CRITICAL9.8ten sam produkt

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W ...

CVE-2021-40407HIGH7.2⚠ KEVten sam produkt

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W ...

CVE-2019-11001HIGH7.2⚠ KEVten sam produkt

On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin ca...

CVE-2022-21236 β€” Reolink β€” Rlc-410W β€” HIGH β€” CVSS 7.5 | CVEbaza.pl