CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-55620

A cross-site scripting (XSS) vulnerability in the valuateJavascript() function of Reolink v4.54.0.4.20250526 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.2%

CVSS Severity

CVSS v3 Score 6.1

References

https://relieved-knuckle-264.notion.site/Reolink-javascript-injection-qr-code-21a43700364280eaa76fd56a01b25410

Products affected by CVE-2025-55620

Reolink » Reolink » Version: 4.54.0.4.20250526

cpe:2.3:a:reolink:reolink:4.54.0.4.20250526

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-55620

Products

Pricing

Contact Us