Sign-up

ID

VAR-202201-0660


CVE

CVE-2021-40410


TITLE

reolink RLC-410W  In  OS  Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-018222

DESCRIPTION

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [4] the dns_data->dns1 variable, that has the value of the dns1 parameter provided through the SetLocal API, is not validated properly. This would lead to an OS command injection. (DoS) It may be in a state. Reolink Rlc-410W is a Wifi security camera from China Reolink company. An attacker could exploit this vulnerability to cause command execution by sending a specially crafted HTTP request

Trust: 2.16

sources: NVD: CVE-2021-40410 // JVNDB: JVNDB-2021-018222 // CNVD: CNVD-2022-37403

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-37403

AFFECTED PRODUCTS

vendor:reolinkmodel:rlc-410wscope:eqversion:3.0.0.136_20121102

Trust: 1.0

vendor:reolink digitalmodel:rlc-410wscope:eqversion:rlc-410w firmware 3.0.0.136_20121102

Trust: 0.8

vendor:reolink digitalmodel:rlc-410wscope:eqversion: -

Trust: 0.8

vendor:reolinkmodel:rlc-410w 3.0.0.136 20121102scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2022-37403 // JVNDB: JVNDB-2021-018222 // NVD: CVE-2021-40410

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-40410
value: HIGH

Trust: 1.0

talos-cna@cisco.com: CVE-2021-40410
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-40410
value: HIGH

Trust: 0.8

CNVD: CNVD-2022-37403
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202201-2350
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2021-40410
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2022-37403
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-40410
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 1.0

talos-cna@cisco.com: CVE-2021-40410
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.3
impactScore: 6.0
version: 3.0

Trust: 1.0

NVD: CVE-2021-40410
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-37403 // JVNDB: JVNDB-2021-018222 // CNNVD: CNNVD-202201-2350 // NVD: CVE-2021-40410 // NVD: CVE-2021-40410

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.0

problemtype:OS Command injection (CWE-78) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-018222 // NVD: CVE-2021-40410

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202201-2350

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202201-2350

PATCH

title:Top Pageurl:https://reolink.com/

Trust: 0.8

title:Patch for Reolink RLC-410W OS Command Injection Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/332921

Trust: 0.6

title:Reolink Rlc-410W Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=180341

Trust: 0.6

sources: CNVD: CNVD-2022-37403 // JVNDB: JVNDB-2021-018222 // CNNVD: CNNVD-202201-2350

EXTERNAL IDS

db:NVDid:CVE-2021-40410

Trust: 3.8

db:TALOSid:TALOS-2021-1424

Trust: 2.4

db:JVNDBid:JVNDB-2021-018222

Trust: 0.8

db:CNVDid:CNVD-2022-37403

Trust: 0.6

db:CS-HELPid:SB2022012706

Trust: 0.6

db:CNNVDid:CNNVD-202201-2350

Trust: 0.6

sources: CNVD: CNVD-2022-37403 // JVNDB: JVNDB-2021-018222 // CNNVD: CNNVD-202201-2350 // NVD: CVE-2021-40410

REFERENCES

url:https://talosintelligence.com/vulnerability_reports/talos-2021-1424

Trust: 3.0

url:https://nvd.nist.gov/vuln/detail/cve-2021-40410

Trust: 2.0

url:https://www.cybersecurity-help.cz/vdb/sb2022012706

Trust: 0.6

sources: CNVD: CNVD-2022-37403 // JVNDB: JVNDB-2021-018222 // CNNVD: CNNVD-202201-2350 // NVD: CVE-2021-40410

CREDITS

Discovered by Francesco Benvenuto of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-202201-2350

SOURCES

db:CNVDid:CNVD-2022-37403
db:JVNDBid:JVNDB-2021-018222
db:CNNVDid:CNNVD-202201-2350
db:NVDid:CVE-2021-40410

LAST UPDATE DATE

2024-11-23T21:33:22.011000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-37403date:2022-05-16T00:00:00
db:JVNDBid:JVNDB-2021-018222date:2023-04-18T05:23:00
db:CNNVDid:CNNVD-202201-2350date:2022-04-20T00:00:00
db:NVDid:CVE-2021-40410date:2024-11-21T06:24:04.533

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-37403date:2022-05-17T00:00:00
db:JVNDBid:JVNDB-2021-018222date:2023-04-18T00:00:00
db:CNNVDid:CNNVD-202201-2350date:2022-01-26T00:00:00
db:NVDid:CVE-2021-40410date:2022-01-28T20:15:11.740