Details of VAR-202201-0655

ID

VAR-202201-0655

CVE

CVE-2021-40411

TITLE

reolink RLC-410W In OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-018221

DESCRIPTION

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [6] the dns_data->dns2 variable, that has the value of the dns2 parameter provided through the SetLocalLink API, is not validated properly. This would lead to an OS command injection. (DoS) It may be in a state. Reolink Rlc-410W is a Wifi security camera from China Reolink company

Trust: 2.16

sources: NVD: CVE-2021-40411 // JVNDB: JVNDB-2021-018221 // CNVD: CNVD-2022-12809

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-12809

AFFECTED PRODUCTS

vendor:	reolink	model:	rlc-410w	scope:	eq	version:	3.0.0.136_20121102	Trust: 1.0
vendor:	reolink digital	model:	rlc-410w	scope:	eq	version:	rlc-410w firmware 3.0.0.136_20121102	Trust: 0.8
vendor:	reolink digital	model:	rlc-410w	scope:	eq	version:	-	Trust: 0.8
vendor:	reolink	model:	rlc-410w 3.0.0.136 20121102	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2022-12809 // JVNDB: JVNDB-2021-018221 // NVD: CVE-2021-40411

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-40411
value:	HIGH
Trust: 1.0
talos-cna@cisco.com:	CVE-2021-40411
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2021-40411
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2022-12809
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202201-2351
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2021-40411
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2022-12809
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2021-40411
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.1
Trust: 1.0
talos-cna@cisco.com:	CVE-2021-40411
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.3
impactScore:	6.0
version:	3.0
Trust: 1.0
NVD:	CVE-2021-40411
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2022-12809 // JVNDB: JVNDB-2021-018221 // CNNVD: CNNVD-202201-2351 // NVD: CVE-2021-40411 // NVD: CVE-2021-40411

PROBLEMTYPE DATA

problemtype:	CWE-78	Trust: 1.0
problemtype:	OS Command injection (CWE-78) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-018221 // NVD: CVE-2021-40411

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202201-2351

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202201-2351

PATCH

title:	Top Page	url:	https://reolink.com/	Trust: 0.8
title:	Patch for Reolink RLC-410W Operating System Command Injection Vulnerability (CNVD-2022-12809)	url:	https://www.cnvd.org.cn/patchInfo/show/319076	Trust: 0.6
title:	Reolink Rlc-410W Fixes for operating system command injection vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=180342	Trust: 0.6

sources: CNVD: CNVD-2022-12809 // JVNDB: JVNDB-2021-018221 // CNNVD: CNNVD-202201-2351

EXTERNAL IDS

db:	NVD	id:	CVE-2021-40411	Trust: 3.8
db:	TALOS	id:	TALOS-2021-1424	Trust: 2.4
db:	JVNDB	id:	JVNDB-2021-018221	Trust: 0.8
db:	CNVD	id:	CNVD-2022-12809	Trust: 0.6
db:	CS-HELP	id:	SB2022012706	Trust: 0.6
db:	CNNVD	id:	CNNVD-202201-2351	Trust: 0.6

sources: CNVD: CNVD-2022-12809 // JVNDB: JVNDB-2021-018221 // CNNVD: CNNVD-202201-2351 // NVD: CVE-2021-40411

REFERENCES

url:	https://talosintelligence.com/vulnerability_reports/talos-2021-1424	Trust: 3.0
url:	https://nvd.nist.gov/vuln/detail/cve-2021-40411	Trust: 2.0
url:	https://www.cybersecurity-help.cz/vdb/sb2022012706	Trust: 0.6

sources: CNVD: CNVD-2022-12809 // JVNDB: JVNDB-2021-018221 // CNNVD: CNNVD-202201-2351 // NVD: CVE-2021-40411

CREDITS

Discovered by Francesco Benvenuto of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-202201-2351

SOURCES

db:	CNVD	id:	CNVD-2022-12809
db:	JVNDB	id:	JVNDB-2021-018221
db:	CNNVD	id:	CNNVD-202201-2351
db:	NVD	id:	CVE-2021-40411

LAST UPDATE DATE

2024-11-23T21:33:21.863000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-12809	date:	2022-02-21T00:00:00
db:	JVNDB	id:	JVNDB-2021-018221	date:	2023-04-18T05:16:00
db:	CNNVD	id:	CNNVD-202201-2351	date:	2022-04-20T00:00:00
db:	NVD	id:	CVE-2021-40411	date:	2024-11-21T06:24:04.670

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-12809	date:	2022-02-21T00:00:00
db:	JVNDB	id:	JVNDB-2021-018221	date:	2023-04-18T00:00:00
db:	CNNVD	id:	CNNVD-202201-2351	date:	2022-01-26T00:00:00
db:	NVD	id:	CVE-2021-40411	date:	2022-01-28T20:15:11.783