N/A

An OScommand injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [8] the devname variable, that has the value of the name parameter provided through the SetDevName API, is not validated properly. This would lead to an OS command injection.

N/A

OS命令中使用的特殊元素转义处理不恰当(OS命令注入)

Reolink Rlc-410W 操作系统命令注入漏洞

Reolink Rlc-410W是中国Reolink公司的一款 Wifi 安全摄像头。 Reolink RLC-410W v3.0.0.136_20121102 版本的设备网络设置功能存在操作系统命令注入漏洞，一个特别制作的HTTP请求可以导致任意命令的执行。攻击者可以通过发送HTTP请求来触发该漏洞。

N/A

N/A