Reolink Multiple IP Cameras OS Command Injection Vulnerability
Details
CISA date
2024-12-18
Affected versions
Multiple IP Cameras
Summary
Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W IP cameras contain an authenticated OS command injection vulnerability. This vulnerability allows an authenticated admin to use the "TestEmail" functionality to inject and run OS commands as root.
Remediation
The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization if a current mitigation is unavailable.
Exploit info
No exploit-tagged NVD references in our cache; see the CISA KEV link below.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.