{"vulnerability": "cve-2021-4041", "sightings": [{"uuid": "9f45b145-7fcc-444f-8ca6-db5036640632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40415", "type": "seen", "source": "https://t.me/cibsecurity/36487", "content": "\u203c CVE-2021-40415 \u203c\n\nAn incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. In cgi_check_ability the Format API does not have a specific case, the user permission will default to 7. This will give non-administrative users the possibility to format the SD card and reboot the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T22:22:11.000000Z"}, {"uuid": "8f7459ba-6af8-44b9-a125-d0aa95b42501", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40412", "type": "seen", "source": "https://t.me/cibsecurity/36501", "content": "\u203c CVE-2021-40412 \u203c\n\nAn OScommand injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [8] the devname variable, that has the value of the name parameter provided through the SetDevName API, is not validated properly. This would lead to an OS command injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T22:28:04.000000Z"}, {"uuid": "060afc45-ea09-44cf-b204-b0acad2aebc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40416", "type": "seen", "source": "https://t.me/cibsecurity/36496", "content": "\u203c CVE-2021-40416 \u203c\n\nAn incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. All the Get APIs that are not included in cgi_check_ability are already executable by any logged-in users. An attacker can send an HTTP request to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T22:27:58.000000Z"}, {"uuid": "da36e361-403e-46c9-93e1-57a41e6aec09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40410", "type": "seen", "source": "https://t.me/cibsecurity/36497", "content": "\u203c CVE-2021-40410 \u203c\n\nAn OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [4] the dns_data->dns1 variable, that has the value of the dns1 parameter provided through the SetLocal API, is not validated properly. This would lead to an OS command injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T22:27:59.000000Z"}, {"uuid": "5cbd46e1-f1bb-4215-96f1-7f0af62ba052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40411", "type": "seen", "source": "https://t.me/cibsecurity/36491", "content": "\u203c CVE-2021-40411 \u203c\n\nAn OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [6] the dns_data->dns2 variable, that has the value of the dns2 parameter provided through the SetLocalLink API, is not validated properly. This would lead to an OS command injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T22:22:16.000000Z"}, {"uuid": "3bd94e59-0fa6-4454-a0a9-0de64fa1abaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40419", "type": "seen", "source": "https://t.me/cibsecurity/36515", "content": "\u203c CVE-2021-40419 \u203c\n\nA firmware update vulnerability exists in the 'factory' binary of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted series of network requests can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T22:28:22.000000Z"}, {"uuid": "8fe14fba-13f4-47a8-988f-ae57908f11a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40414", "type": "seen", "source": "https://t.me/cibsecurity/36500", "content": "\u203c CVE-2021-40414 \u203c\n\nAn incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. The SetMdAlarm API sets the movement detection parameters, giving the ability to set the sensitivity of the camera per a range of hours, and which of the camera spaces to ignore when considering movement detection. Because in cgi_check_ability the SetMdAlarm API does not have a specific case, the user permission will default to 7. This will give non-administrative users the possibility to change the movement detection parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T22:28:02.000000Z"}, {"uuid": "61901931-ad29-49f7-b9aa-3063c6a81441", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40418", "type": "seen", "source": "https://t.me/cibsecurity/34533", "content": "\u203c CVE-2021-40418 \u203c\n\nWhen parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed from a frame within the video container. Upon destruction of the object that owns it, the uninitialized member will be dereferenced and then destroyed using the object\u00e2\u20ac\u2122s virtual destructor. Due to the object property being uninitialized, this can result in dereferencing an arbitrary pointer for the object\u00e2\u20ac\u2122s virtual method table, which can result in code execution under the context of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-22T22:23:31.000000Z"}]}