Sign-up

ID

VAR-202201-0644


CVE

CVE-2021-40409


TITLE

reolink RLC-410W  In  OS  Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-018223

DESCRIPTION

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] or [2], based on DDNS type, the ddns->password variable, that has the value of the password parameter provided through the SetDdns API, is not validated properly. This would lead to an OS command injection. (DoS) It may be in a state. Reolink Rlc-410W is a Wifi security camera from China Reolink company

Trust: 2.16

sources: NVD: CVE-2021-40409 // JVNDB: JVNDB-2021-018223 // CNVD: CNVD-2022-12810

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-12810

AFFECTED PRODUCTS

vendor:reolinkmodel:rlc-410wscope:eqversion:3.0.0.136_20121102

Trust: 1.0

vendor:reolink digitalmodel:rlc-410wscope:eqversion:rlc-410w firmware 3.0.0.136_20121102

Trust: 0.8

vendor:reolink digitalmodel:rlc-410wscope:eqversion: -

Trust: 0.8

vendor:reolinkmodel:rlc-410w 3.0.0.136 20121102scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2022-12810 // JVNDB: JVNDB-2021-018223 // NVD: CVE-2021-40409

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-40409
value: CRITICAL

Trust: 1.0

talos-cna@cisco.com: CVE-2021-40409
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-40409
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2022-12810
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202201-2352
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2021-40409
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2022-12810
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-40409
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

talos-cna@cisco.com: CVE-2021-40409
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.3
impactScore: 6.0
version: 3.0

Trust: 1.0

NVD: CVE-2021-40409
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-12810 // JVNDB: JVNDB-2021-018223 // CNNVD: CNNVD-202201-2352 // NVD: CVE-2021-40409 // NVD: CVE-2021-40409

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.0

problemtype:OS Command injection (CWE-78) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-018223 // NVD: CVE-2021-40409

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202201-2352

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202201-2352

PATCH

title:Top Pageurl:https://reolink.com/

Trust: 0.8

title:Patch for Reolink RLC-410W Operating System Command Injection Vulnerability (CNVD-2022-12810)url:https://www.cnvd.org.cn/patchInfo/show/319061

Trust: 0.6

title:Reolink Rlc-410W Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=180343

Trust: 0.6

sources: CNVD: CNVD-2022-12810 // JVNDB: JVNDB-2021-018223 // CNNVD: CNNVD-202201-2352

EXTERNAL IDS

db:NVDid:CVE-2021-40409

Trust: 3.8

db:TALOSid:TALOS-2021-1424

Trust: 2.4

db:JVNDBid:JVNDB-2021-018223

Trust: 0.8

db:CNVDid:CNVD-2022-12810

Trust: 0.6

db:CS-HELPid:SB2022012706

Trust: 0.6

db:CNNVDid:CNNVD-202201-2352

Trust: 0.6

sources: CNVD: CNVD-2022-12810 // JVNDB: JVNDB-2021-018223 // CNNVD: CNNVD-202201-2352 // NVD: CVE-2021-40409

REFERENCES

url:https://talosintelligence.com/vulnerability_reports/talos-2021-1424

Trust: 3.0

url:https://nvd.nist.gov/vuln/detail/cve-2021-40409

Trust: 2.0

url:https://www.cybersecurity-help.cz/vdb/sb2022012706

Trust: 0.6

sources: CNVD: CNVD-2022-12810 // JVNDB: JVNDB-2021-018223 // CNNVD: CNNVD-202201-2352 // NVD: CVE-2021-40409

CREDITS

Discovered by Francesco Benvenuto of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-202201-2352

SOURCES

db:CNVDid:CNVD-2022-12810
db:JVNDBid:JVNDB-2021-018223
db:CNNVDid:CNNVD-202201-2352
db:NVDid:CVE-2021-40409

LAST UPDATE DATE

2024-11-23T21:33:21.781000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-12810date:2022-02-21T00:00:00
db:JVNDBid:JVNDB-2021-018223date:2023-04-18T05:29:00
db:CNNVDid:CNNVD-202201-2352date:2022-04-20T00:00:00
db:NVDid:CVE-2021-40409date:2024-11-21T06:24:04.393

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-12810date:2022-02-21T00:00:00
db:JVNDBid:JVNDB-2021-018223date:2023-04-18T00:00:00
db:CNNVDid:CNNVD-202201-2352date:2022-01-26T00:00:00
db:NVDid:CVE-2021-40409date:2022-01-28T20:15:11.697