CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-40404

An authentication bypass vulnerability exists in the cgiserver.cgi Login functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to authentication bypass. An attacker can send an HTTP request to trigger this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.9%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 6.4

References

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1420
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1420

Products affected by CVE-2021-40404

Reolink » Rlc-410w » Version: N/A

cpe:2.3:h:reolink:rlc-410w:-
Reolink » Rlc-410w Firmware » Version: 3.0.0.136_20121102

cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-40404

Products

Pricing

Contact Us