Reolink Rlc-410W Firmware vulnerabilities
88 known vulnerabilities affecting reolink/rlc-410w_firmware.
Total CVEs
88
CISA KEV
2
actively exploited
Public exploits
0
Exploited in wild
2
Severity breakdown
CRITICAL3HIGH81MEDIUM4
Vulnerabilities
Page 3 of 5
CVE-2021-44400P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44400 [HIGH] CWE-20 CVE-2021-44400: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetPtzPatrol param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44410P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44410 [HIGH] CWE-20 CVE-2021-44410: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. UpgradePrepare param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44405P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44405 [HIGH] CWE-20 CVE-2021-44405: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. StartZoomFocus param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44414P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44414 [HIGH] CWE-20 CVE-2021-44414: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. DelUser param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44398P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44398 [HIGH] CWE-20 CVE-2021-44398: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. rtmp=stop param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44392P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44392 [HIGH] CWE-20 CVE-2021-44392: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetImage param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44387P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44387 [HIGH] CWE-20 CVE-2021-44387: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPtzPreset param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44412P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44412 [HIGH] CWE-20 CVE-2021-44412: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetRec param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44413P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44413 [HIGH] CWE-20 CVE-2021-44413: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. AddUser param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44404P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44404 [HIGH] CWE-20 CVE-2021-44404: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetZoomFocus param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44386P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44386 [HIGH] CWE-20 CVE-2021-44386: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPtzPatrol param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44388P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44388 [HIGH] CWE-20 CVE-2021-44388: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. Login param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44406P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44406 [HIGH] CWE-20 CVE-2021-44406: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetAutoFocus param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44396P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44396 [HIGH] CWE-20 CVE-2021-44396: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. Preview param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44417P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44417 [HIGH] CWE-20 CVE-2021-44417: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetAlarm param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-40406P3HIGHCVSS 7.5v3.0.0.136_201211022022-01-28
CVE-2021-40406 [HIGH] CWE-400 CVE-2021-40406: A denial of service vulnerability exists in the cgiserver.cgi session creation functionality of reol
A denial of service vulnerability exists in the cgiserver.cgi session creation functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to prevent users from logging in. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2022-21801P3HIGHCVSS 7.5v3.0.0.136_201211022022-01-28
CVE-2022-21801 [HIGH] CWE-190 CVE-2022-21801: A denial of service vulnerability exists in the netserver recv_command functionality of reolink RLC-
A denial of service vulnerability exists in the netserver recv_command functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted network request can lead to a reboot. An attacker can send a malicious packet to trigger this vulnerability.
nvd
CVE-2021-44411P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44411 [HIGH] CWE-20 CVE-2021-44411: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. Search param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44380P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44380 [HIGH] CWE-20 CVE-2021-44380: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetTime param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-44373P3HIGHCVSS 7.7v3.0.0.136_201211022022-01-28
CVE-2021-44373 [HIGH] CWE-20 CVE-2021-44373: A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetAutoFocus param is not object. An attacker can send an HTTP request to trigger this vulnerability.
nvd