Описание
Reolink Video Doorbell WiFi DB_566128M5MP_W performs insufficient validation of firmware update signatures. This allows attackers to load malicious firmware images, resulting in arbitrary code execution with root privileges. NOTE: this is disputed by the Supplier because the integrity of updates is instead assured via a "private encryption algorithm" and other "tamper-proof verification."
EPSS
Процентиль: 3%
0.00016
Низкий
5.1 Medium
CVSS3
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 5.1
github
4 месяца назад
Reolink Video Doorbell WiFi DB_566128M5MP_W performs insufficient validation of firmware update signatures. This allows attackers to load malicious firmware images, resulting in arbitrary code execution with root privileges.
EPSS
Процентиль: 3%
0.00016
Низкий
5.1 Medium
CVSS3
Дефекты
CWE-77