CVE-2021-40414
The CVE-2021-40414 issue affects Reolink RLC-410W (v3.0.0.136_20121102) where the cgiserver.cgi cgi_check_ability function lacks specific cases for certain API commands. As a result, a non-administrative user permission value of 7 can grant access to a broad set of APIs (e.g., SetMdAlarm, Upgrade...