CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-55621

An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.5%

CVSS Severity

CVSS v3 Score 6.5

References

https://relieved-knuckle-264.notion.site/Reolink-Download-a-profile-due-to-IDOR-21a43700364280ef9fc1ffb9c484a03e?source=copy_link

Products affected by CVE-2025-55621

Reolink » Reolink » Version: 4.54.0.4.20250526

cpe:2.3:a:reolink:reolink:4.54.0.4.20250526

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-55621

Products

Pricing

Contact Us