Описание
An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior that supports redirection to Alexa URLs, which are not guaranteed to remain at the same domain indefinitely.
Ссылки
- Third Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:reolink:reolink:4.54.0.4.20250526:*:*:*:*:android:*:*
EPSS
Процентиль: 14%
0.00046
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-601
Связанные уязвимости
CVSS3: 6.5
github
6 месяцев назад
An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL.
EPSS
Процентиль: 14%
0.00046
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-601