CVE-2021-40412
published 2022-01-28CVE-2021-40412: An OScommand injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [8] the devname variable…
PriorityP357high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
EPSS
27.48%
97.8th percentile
An OScommand injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [8] the devname variable, that has the value of the name parameter provided through the SetDevName API, is not validated properly. This would lead to an OS command injection.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| reolink | rlc-410w_firmware | — | — |
CVSS provenance
nvdv3.17.2HIGHCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv3.09.1CRITICALCVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET WEB_SPECIFIC_APPS Reolink RLC Series IP Camera SetDevName Authenticated Command Injection Attempt (CVE-2021-40412)
suricata·2025-01-27·CVSS 7.2
CVE-2021-40412 [HIGH] ET WEB_SPECIFIC_APPS Reolink RLC Series IP Camera SetDevName Authenticated Command Injection Attempt (CVE-2021-40412)
ET WEB_SPECIFIC_APPS Reolink RLC Series IP Camera SetDevName Authenticated Command Injection Attempt (CVE-2021-40412)
Rule: alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Reolink RLC Series IP Camera SetDevName Authenticated Command Injection Attempt (CVE-2021-40412)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/cgi-bin/api.cgi|3f|cmd|3d|SetDevName"; fast_pattern; startswith; http.request_body; content:"|22|cmd|22|"; content:"|22|SetDevName|22 2c|"; within:20; content:"|22|name|22 3a|"; distance:0; pcre:"/^[^\x26]*?(?:(?:\x3b|%3[Bb])|(?:\x0a|%0[Aa])|(?:\x60|%60)|(?:\x7c|%7[Cc])|(?:\x24|%24))+/R"; reference:url,talosintelligence.com/vulnerability_reports/TALOS-2021-1424; reference:cve,2021-40412; classtype:attempted-admin; sid:2059717; rev:1
No public exploits indexed.
Talos
Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions
blogs_talos·2022-01-26·CVSS 6.5
[MEDIUM] Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions
## Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered several vulnerabilities in the Reolink RLC-410W security camera that could allow an attacker to perform several malicious actions, including performing man-in-the-middle attacks, stealing user login credentials and more.
The Reolink RLC-410W is a WiFi-connected security camera. The camera includes motion detection functionalities and multiple ways to save and view the recordings. The vulnerabilities Talos discovered exist in various functions and features of the camera. Some of these exploits could be combined, as well, to reboot the camera without authe
Talos
Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions
blogs_talos·2022-01-26·CVSS 6.5
[MEDIUM] Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered several vulnerabilities in the Reolink RLC-410W security camera that could allow an attacker to perform several malicious actions, including performing man-in-the-middle attacks, stealing user login credentials and more.
The Reolink RLC-410W is a WiFi-connected security camera. The camera includes motion detection functionalities and multiple ways to save and view the recordings. The vulnerabilities Talos discovered exist in various functions and features of the camera. Some of these exploits could be combined, as well, to reboot the camera without authentication or run certain APIs.
There are five denial-of-service vulnerabilities that could allow an adversary to make the web service un
2022-01-28
Published