Sign-up

ID

VAR-202201-0650


CVE

CVE-2021-40408


TITLE

reolink RLC-410W  In  OS  Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-018224

DESCRIPTION

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] or [2], based on DDNS type, the ddns->username variable, that has the value of the userName parameter provided through the SetDdns API, is not validated properly. This would lead to an OS command injection. (DoS) It may be in a state. Reolink Rlc-410W is a Wifi security camera from China Reolink company. The vulnerability arises from the fact that the network system or product fails to properly filter special characters, commands, etc. in the process of user input constructing and executing commands. An attacker could exploit this vulnerability to inject and execute arbitrary commands

Trust: 2.16

sources: NVD: CVE-2021-40408 // JVNDB: JVNDB-2021-018224 // CNVD: CNVD-2022-08446

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-08446

AFFECTED PRODUCTS

vendor:reolinkmodel:rlc-410wscope:eqversion:3.0.0.136_20121102

Trust: 1.0

vendor:reolink digitalmodel:rlc-410wscope:eqversion:rlc-410w firmware 3.0.0.136_20121102

Trust: 0.8

vendor:reolink digitalmodel:rlc-410wscope:eqversion: -

Trust: 0.8

vendor:reolinkmodel:digital technology rlc-410w 3.0.0.136 20121102scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2022-08446 // JVNDB: JVNDB-2021-018224 // NVD: CVE-2021-40408

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-40408
value: CRITICAL

Trust: 1.0

talos-cna@cisco.com: CVE-2021-40408
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-40408
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2022-08446
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202201-2355
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2021-40408
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2022-08446
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-40408
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

talos-cna@cisco.com: CVE-2021-40408
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.3
impactScore: 6.0
version: 3.0

Trust: 1.0

NVD: CVE-2021-40408
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-08446 // JVNDB: JVNDB-2021-018224 // CNNVD: CNNVD-202201-2355 // NVD: CVE-2021-40408 // NVD: CVE-2021-40408

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.0

problemtype:OS Command injection (CWE-78) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-018224 // NVD: CVE-2021-40408

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202201-2355

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202201-2355

PATCH

title:Top Pageurl:https://reolink.com/

Trust: 0.8

title:Patch for Reolink RLC-410W Command Injection Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/317866

Trust: 0.6

title:Reolink Rlc-410W Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=180346

Trust: 0.6

sources: CNVD: CNVD-2022-08446 // JVNDB: JVNDB-2021-018224 // CNNVD: CNNVD-202201-2355

EXTERNAL IDS

db:NVDid:CVE-2021-40408

Trust: 3.8

db:TALOSid:TALOS-2021-1424

Trust: 3.0

db:JVNDBid:JVNDB-2021-018224

Trust: 0.8

db:CNVDid:CNVD-2022-08446

Trust: 0.6

db:CS-HELPid:SB2022012706

Trust: 0.6

db:CNNVDid:CNNVD-202201-2355

Trust: 0.6

sources: CNVD: CNVD-2022-08446 // JVNDB: JVNDB-2021-018224 // CNNVD: CNNVD-202201-2355 // NVD: CVE-2021-40408

REFERENCES

url:https://talosintelligence.com/vulnerability_reports/talos-2021-1424

Trust: 3.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-40408

Trust: 1.4

url:https://www.cybersecurity-help.cz/vdb/sb2022012706

Trust: 0.6

sources: CNVD: CNVD-2022-08446 // JVNDB: JVNDB-2021-018224 // CNNVD: CNNVD-202201-2355 // NVD: CVE-2021-40408

CREDITS

Discovered by Francesco Benvenuto of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-202201-2355

SOURCES

db:CNVDid:CNVD-2022-08446
db:JVNDBid:JVNDB-2021-018224
db:CNNVDid:CNNVD-202201-2355
db:NVDid:CVE-2021-40408

LAST UPDATE DATE

2024-11-23T21:33:21.891000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-08446date:2022-02-06T00:00:00
db:JVNDBid:JVNDB-2021-018224date:2023-04-18T05:39:00
db:CNNVDid:CNNVD-202201-2355date:2022-04-20T00:00:00
db:NVDid:CVE-2021-40408date:2024-11-21T06:24:04.257

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-08446date:2022-02-06T00:00:00
db:JVNDBid:JVNDB-2021-018224date:2023-04-18T00:00:00
db:CNNVDid:CNNVD-202201-2355date:2022-01-26T00:00:00
db:NVDid:CVE-2021-40408date:2022-01-28T20:15:11.650