4 matches found
CVE-2021-40411
An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 6 the dnsdata-dns2 variable, that has the value of the dns2 parameter provided through the SetLocalLink API, is not validated properly. This would lead to an OS...
CVE-2021-40411
An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 6 the dnsdata-dns2 variable, that has the value of the dns2 parameter provided through the SetLocalLink API, is not validated properly. This would lead to an OS...
CVE-2021-40411
The CVE-2021-40411 issue affects Reolink RLC-410W devices (v3.0.0.136_20121102). The user-controlled input dns2 in the SetLocalLink API is not validated, allowing OS command injection when the system builds and executes a command via pip_system. The related SetDdns and SetLocalLink paths (and Set...
CVE-2021-40411
An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 6 the dnsdata-dns2 variable, that has the value of the dns2 parameter provided through the SetLocalLink API, is not validated properly. This would lead to an OS...