exploitDog

GHSA-6fw7-fw9h-pq3q

Опубликовано: 22 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

An Insecure Direct Object Reference (IDOR) vulnerability in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows unauthorized attackers to access the Admin-only settings and edit the session storage.

An Insecure Direct Object Reference (IDOR) vulnerability in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows unauthorized attackers to access the Admin-only settings and edit the session storage.

Ссылки

EPSS

Процентиль: 11%

0.00038

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2025-55626

CVSS3: 5.3

nvd

6 месяцев назад

An Insecure Direct Object Reference (IDOR) vulnerability in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows unauthorized attackers to access the Admin-only settings and edit the session storage.

EPSS

Процентиль: 11%

0.00038

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-284