Reolink E1 Zoom Firmware vulnerabilities
2 known vulnerabilities affecting reolink/e1_zoom_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-40150P3HIGHCVSS 7.5PoC≤ 3.0.0.7162022-07-17
CVE-2021-40150 [HIGH] CWE-552 CVE-2021-40150: The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ di
The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or /conf/fastcgi.conf URI.
nvd
CVE-2021-40149P3MEDIUMCVSS 5.9PoC≤ 3.0.0.7162022-07-17
CVE-2021-40149 [MEDIUM] CWE-552 CVE-2021-40149: The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root we
The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.
nvd