Lucene search
K

7 matches found

NVD
NVD
added 2025/08/22 5:15 p.m.3 views

CVE-2025-55625

An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior that supports redirection to Alexa URLs, which are not guaranteed to remain at the same...

6.3CVSS0.00215EPSS
Exploits1References2
OSV
OSV
added 2025/08/22 5:15 p.m.5 views

CVE-2025-55621

An Insecure Direct Object Reference IDOR vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior; the photos are part of a social...

6.5CVSS5.8AI score0.00222EPSS
Exploits1References1
NVD
NVD
added 2025/08/22 5:15 p.m.4 views

CVE-2025-55620

A cross-site scripting XSS vulnerability in the valuateJavascript function of Reolink v4.54.0.4.20250526 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS0.00213EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.7 views

PT-2025-34455 · Reolink · Reolink

Name of the Vulnerable Software and Affected Versions: Reolink version 4.54.0.4.20250526 Description: An intent redirection issue in Reolink allows unauthorized attackers to access internal functions or non-public components. Recommendations: At the moment, there is no information about a newer...

5.3CVSS6.9AI score0.00307EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/08/22 12:0 a.m.8 views

CVE-2025-55623

An issue in the lock screen component of Reolink v4.54.0.4.20250526 allows attackers to bypass authentication via using an ADB Android Debug Bridge...

0.00292EPSS
Exploits1References1
CVE
CVE
added 2025/08/22 12:0 a.m.20 views

CVE-2025-55623

CVE-2025-55623 affects Reolink app version 4.54.0.4.20250526, targeting the lock screen component. The root cause is a bypass of authentication via Android Debug Bridge (ADB). Public sources (NVD/Red Hat) describe the vulnerability and its potential impact as authentication bypass with a CVSS v3....

5.4CVSS6.9AI score0.00292EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/08/22 12:0 a.m.19 views

CVE-2025-55621

The CVE-2025-55621 entry describes an insecure direct object reference (IDOR) in Reolink app version 4.54.0.4.20250526, where an attacker could access and download other users’ profile photos via a crafted URL. This is supported by multiple connected records noting the same vulnerability and the ...

6.5CVSS6.2AI score0.00222EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder