CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-21796

A memory corruption vulnerability exists in the netserver parse_command_list functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to an out-of-bounds write. An attacker can send an HTTP request to trigger this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.4%

CVSS Severity

CVSS v3 Score 9.3

CVSS v2 Score 6.4

References

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1451
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1451

Products affected by CVE-2022-21796

Reolink » Rlc-410w » Version: N/A

cpe:2.3:h:reolink:rlc-410w:-
Reolink » Rlc-410w Firmware » Version: 3.0.0.136_20121102

cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-21796

Products

Pricing

Contact Us