Details of VAR-202201-0654

ID

VAR-202201-0654

CVE

CVE-2021-40414

TITLE

reolink RLC-410W Vulnerability regarding improper default permissions in

Trust: 0.8

sources: JVNDB: JVNDB-2021-018218

DESCRIPTION

An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. The SetMdAlarm API sets the movement detection parameters, giving the ability to set the sensitivity of the camera per a range of hours, and which of the camera spaces to ignore when considering movement detection. Because in cgi_check_ability the SetMdAlarm API does not have a specific case, the user permission will default to 7. This will give non-administrative users the possibility to change the movement detection parameters. reolink RLC-410W There is a vulnerability in improper default permissions.Information is tampered with and service operation is interrupted (DoS) It may be in a state. Reolink Rlc-410W is a Wifi security camera from China Reolink company. There is an access control error vulnerability in cgiserver.cgi cgi_check_ability of Reolink RLC-410W v3.0.0.136_20121102, which can be exploited by attackers to cause denial of service

Trust: 2.16

sources: NVD: CVE-2021-40414 // JVNDB: JVNDB-2021-018218 // CNVD: CNVD-2022-10735

IOT TAXONOMY

category:	['IoT']	sub_category:	-	Trust: 0.6
category:	['camera device']	sub_category:	IP camera	Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2022-10735

AFFECTED PRODUCTS

vendor:	reolink	model:	rlc-410w	scope:	eq	version:	3.0.0.136_20121102	Trust: 1.0
vendor:	reolink digital	model:	rlc-410w	scope:	eq	version:	rlc-410w firmware 3.0.0.136_20121102	Trust: 0.8
vendor:	reolink digital	model:	rlc-410w	scope:	eq	version:	-	Trust: 0.8
vendor:	reolink	model:	rlc-410w 3.0.0.136 20121102	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2022-10735 // JVNDB: JVNDB-2021-018218 // NVD: CVE-2021-40414

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-40414
value:	HIGH
Trust: 1.0
talos-cna@cisco.com:	CVE-2021-40414
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-40414
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2022-10735
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202201-2359
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2021-40414
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2022-10735
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

talos-cna@cisco.com:	CVE-2021-40414
baseSeverity:	HIGH
baseScore:	7.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.2
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2021-40414
baseSeverity:	HIGH
baseScore:	7.1
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.2
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2022-10735 // JVNDB: JVNDB-2021-018218 // CNNVD: CNNVD-202201-2359 // NVD: CVE-2021-40414 // NVD: CVE-2021-40414

PROBLEMTYPE DATA

problemtype:	CWE-284	Trust: 1.0
problemtype:	CWE-276	Trust: 1.0
problemtype:	Inappropriate default permissions (CWE-276) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-018218 // NVD: CVE-2021-40414

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202201-2359

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-202201-2359

PATCH

title:	Top Page	url:	https://reolink.com/	Trust: 0.8
title:	Patch for Reolink RLC-410W Access Control Error Vulnerability (CNVD-2022-10735)	url:	https://www.cnvd.org.cn/patchInfo/show/319306	Trust: 0.6
title:	Reolink Rlc-410W Fixes for access control error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=180349	Trust: 0.6

sources: CNVD: CNVD-2022-10735 // JVNDB: JVNDB-2021-018218 // CNNVD: CNNVD-202201-2359

EXTERNAL IDS

db:	NVD	id:	CVE-2021-40414	Trust: 3.9
db:	TALOS	id:	TALOS-2021-1425	Trust: 2.4
db:	JVNDB	id:	JVNDB-2021-018218	Trust: 0.8
db:	CNVD	id:	CNVD-2022-10735	Trust: 0.6
db:	CS-HELP	id:	SB2022012706	Trust: 0.6
db:	CNNVD	id:	CNNVD-202201-2359	Trust: 0.6
db:	OTHER	id:	NONE	Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2022-10735 // JVNDB: JVNDB-2021-018218 // CNNVD: CNNVD-202201-2359 // NVD: CVE-2021-40414

REFERENCES

url:	https://talosintelligence.com/vulnerability_reports/talos-2021-1425	Trust: 3.0
url:	https://nvd.nist.gov/vuln/detail/cve-2021-40414	Trust: 2.0
url:	https://www.cybersecurity-help.cz/vdb/sb2022012706	Trust: 0.6
url:	https://ieeexplore.ieee.org/abstract/document/10769424	Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2022-10735 // JVNDB: JVNDB-2021-018218 // CNNVD: CNNVD-202201-2359 // NVD: CVE-2021-40414

CREDITS

Discovered by Francesco Benvenuto of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-202201-2359

SOURCES

db:	OTHER	id:	-
db:	CNVD	id:	CNVD-2022-10735
db:	JVNDB	id:	JVNDB-2021-018218
db:	CNNVD	id:	CNNVD-202201-2359
db:	NVD	id:	CVE-2021-40414

LAST UPDATE DATE

2025-01-30T20:10:56.094000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-10735	date:	2022-02-16T00:00:00
db:	JVNDB	id:	JVNDB-2021-018218	date:	2023-04-18T05:06:00
db:	CNNVD	id:	CNNVD-202201-2359	date:	2022-06-16T00:00:00
db:	NVD	id:	CVE-2021-40414	date:	2024-11-21T06:24:05.110

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-10735	date:	2022-02-16T00:00:00
db:	JVNDB	id:	JVNDB-2021-018218	date:	2023-04-18T00:00:00
db:	CNNVD	id:	CNNVD-202201-2359	date:	2022-01-26T00:00:00
db:	NVD	id:	CVE-2021-40414	date:	2022-01-28T20:15:11.917