exploitDog

GHSA-4w9f-9m3g-xg89

Опубликовано: 22 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Insecure permissions in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allow attackers to arbitrarily change other users' passwords via manipulation of the userName value.

Insecure permissions in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allow attackers to arbitrarily change other users' passwords via manipulation of the userName value.

Ссылки

EPSS

Процентиль: 13%

0.00043

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-378

Связанные уязвимости

CVE-2025-55629

CVSS3: 6.5

nvd

6 месяцев назад

Insecure permissions in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allow attackers to arbitrarily change other users' passwords via manipulation of the userName value.

EPSS

Процентиль: 13%

0.00043

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-378