Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/10/22 12:11 a.m.23 views

CVE-2025-56801

The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization Vector IV in its AES-CFB encryption implementation allowing attackers with access to the application environment to reliably decrypt encrypted configuration data. NOTE: the Supplier's position is that...

5.1CVSS6.8AI score0.00129EPSS
Exploits2References1
NVD
NVD
added 2025/10/21 7:21 p.m.5 views

CVE-2025-56802

The Reolink desktop application uses a hard-coded and predictable AES encryption key to encrypt user configuration files allowing attackers with local access to decrypt sensitive application data stored in %APPDATA%. A different vulnerability than CVE-2025-56801. NOTE: the Supplier's position is...

5.1CVSS0.00122EPSS
Exploits2References2
NVD
NVD
added 2025/10/21 7:21 p.m.5 views

CVE-2025-56799

Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name. NOTE: this is disputed by the Supplier because a crafted folder name would arise only if the local user were attacking himself...

6.5CVSS0.01236EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/21 12:0 a.m.4 views

EUVD-2025-35229

The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization Vector IV in its AES-CFB encryption implementation allowing attackers with access to the application environment to reliably decrypt encrypted configuration data...

5.1CVSS6.3AI score0.00129EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/21 12:0 a.m.6 views

EUVD-2025-35218

The Reolink desktop application uses a hard-coded and predictable AES encryption key to encrypt user configuration files allowing attackers with local access to decrypt sensitive application data stored in %APPDATA%. A different vulnerability than CVE-2025-56802...

5.1CVSS6AI score0.00122EPSS
Exploits2References2
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.4 views

Reolink desktop application 安全漏洞

Reolink desktop application is a security camera monitoring software from Reolink, Inc. A security vulnerability exists in Reolink desktop application version 8.18.12, which stems from an improper implementation of the local authentication mechanism that allows an attacker to bypass authenticatio...

5.1CVSS6.6AI score0.00242EPSS
Exploits2References3
CVE
CVE
added 2025/10/21 12:0 a.m.12 views

CVE-2025-56802

The connected Red Hat and NVD entries confirm CVE-2025-56802 affects the Reolink desktop application and centers on a hard-coded and predictable AES encryption key used to encrypt user configuration files. This allows attackers with local access to decrypt sensitive data stored in %APPDATA%. The ...

5.1CVSS6.1AI score0.00122EPSS
Exploits2References2Affected Software1
EUVD
EUVD
added 2025/10/21 12:0 a.m.6 views

EUVD-2025-35237

Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name...

6.5CVSS7AI score0.01236EPSS
Exploits2References2
GithubExploit
GithubExploit
added 2025/10/18 12:51 p.m.313 views

Exploit for CVE-2025-56799

CVE-2025-56799 OS Command Injection Vulnerability via Cach...

7.6AI score0.01236EPSS
Exploits4
Rows per page
Query Builder