Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for RLN-X10 series by Reolink

    CVE-2020-25173 (GCVE-0-2020-25173)

    Vulnerability from nvd – Published: 2021-01-26 12:45 – Updated: 2024-09-16 20:47
    VLAI
    Title
    Reolink P2P Cameras
    Summary
    An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access
    Severity
    No CVSS data available.
    CWE
    • CWE-321 - USE OF HARD-CODED CRYPTOGRAPHIC KEY CWE-321
    Assigner
    References
    Impacted products
    Date Public
    2021-01-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:26:09.495Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RLC-4XX series",
              "vendor": "Reolink",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "RLC-5XX series",
              "vendor": "Reolink",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "RLN-X10 series",
              "vendor": "Reolink",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            }
          ],
          "datePublic": "2021-01-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "USE OF HARD-CODED CRYPTOGRAPHIC KEY CWE-321",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-26T12:45:53.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
            }
          ],
          "source": {
            "advisory": "ICSA-21-019-02",
            "discovery": "UNKNOWN"
          },
          "title": "Reolink P2P Cameras",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-01-20T05:00:00.000Z",
              "ID": "CVE-2020-25173",
              "STATE": "PUBLIC",
              "TITLE": "Reolink P2P Cameras"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "RLC-4XX series",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RLC-5XX series",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RLN-X10 series",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Reolink"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access"
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "USE OF HARD-CODED CRYPTOGRAPHIC KEY CWE-321"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02",
                  "refsource": "MISC",
                  "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-019-02",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2020-25173",
        "datePublished": "2021-01-26T12:45:53.081Z",
        "dateReserved": "2020-09-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:47:12.070Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-25169 (GCVE-0-2020-25169)

    Vulnerability from nvd – Published: 2021-01-26 12:46 – Updated: 2024-09-16 22:15
    VLAI
    Title
    Reolink P2P Cameras
    Summary
    The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds.
    Severity
    No CVSS data available.
    CWE
    • CWE-319 - CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319
    Assigner
    References
    Impacted products
    Date Public
    2021-01-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:26:09.810Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RLC-4XX series",
              "vendor": "Reolink",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "RLC-5XX series",
              "vendor": "Reolink",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "RLN-X10 series",
              "vendor": "Reolink",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            }
          ],
          "datePublic": "2021-01-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-26T12:46:09.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
            }
          ],
          "source": {
            "advisory": "ICSA-21-019-02",
            "discovery": "UNKNOWN"
          },
          "title": "Reolink P2P Cameras",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-01-20T05:00:00.000Z",
              "ID": "CVE-2020-25169",
              "STATE": "PUBLIC",
              "TITLE": "Reolink P2P Cameras"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "RLC-4XX series",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RLC-5XX series",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RLN-X10 series",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Reolink"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02",
                  "refsource": "MISC",
                  "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-019-02",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2020-25169",
        "datePublished": "2021-01-26T12:46:09.208Z",
        "dateReserved": "2020-09-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:15:58.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-25169 (GCVE-0-2020-25169)

    Vulnerability from cvelistv5 – Published: 2021-01-26 12:46 – Updated: 2024-09-16 22:15
    VLAI
    Title
    Reolink P2P Cameras
    Summary
    The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds.
    Severity
    No CVSS data available.
    CWE
    • CWE-319 - CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319
    Assigner
    References
    Impacted products
    Date Public
    2021-01-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:26:09.810Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RLC-4XX series",
              "vendor": "Reolink",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "RLC-5XX series",
              "vendor": "Reolink",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "RLN-X10 series",
              "vendor": "Reolink",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            }
          ],
          "datePublic": "2021-01-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-26T12:46:09.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
            }
          ],
          "source": {
            "advisory": "ICSA-21-019-02",
            "discovery": "UNKNOWN"
          },
          "title": "Reolink P2P Cameras",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-01-20T05:00:00.000Z",
              "ID": "CVE-2020-25169",
              "STATE": "PUBLIC",
              "TITLE": "Reolink P2P Cameras"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "RLC-4XX series",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RLC-5XX series",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RLN-X10 series",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Reolink"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02",
                  "refsource": "MISC",
                  "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-019-02",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2020-25169",
        "datePublished": "2021-01-26T12:46:09.208Z",
        "dateReserved": "2020-09-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:15:58.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-25173 (GCVE-0-2020-25173)

    Vulnerability from cvelistv5 – Published: 2021-01-26 12:45 – Updated: 2024-09-16 20:47
    VLAI
    Title
    Reolink P2P Cameras
    Summary
    An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access
    Severity
    No CVSS data available.
    CWE
    • CWE-321 - USE OF HARD-CODED CRYPTOGRAPHIC KEY CWE-321
    Assigner
    References
    Impacted products
    Date Public
    2021-01-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:26:09.495Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RLC-4XX series",
              "vendor": "Reolink",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "RLC-5XX series",
              "vendor": "Reolink",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            },
            {
              "product": "RLN-X10 series",
              "vendor": "Reolink",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            }
          ],
          "datePublic": "2021-01-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "USE OF HARD-CODED CRYPTOGRAPHIC KEY CWE-321",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-26T12:45:53.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
            }
          ],
          "source": {
            "advisory": "ICSA-21-019-02",
            "discovery": "UNKNOWN"
          },
          "title": "Reolink P2P Cameras",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-01-20T05:00:00.000Z",
              "ID": "CVE-2020-25173",
              "STATE": "PUBLIC",
              "TITLE": "Reolink P2P Cameras"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "RLC-4XX series",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RLC-5XX series",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RLN-X10 series",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Reolink"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access"
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "USE OF HARD-CODED CRYPTOGRAPHIC KEY CWE-321"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02",
                  "refsource": "MISC",
                  "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-02"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-019-02",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2020-25173",
        "datePublished": "2021-01-26T12:45:53.081Z",
        "dateReserved": "2020-09-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:47:12.070Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }