N/A

An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. The UpgradePrepare is the API that checks if a provided filename identifies a new version of the RLC-410W firmware. If the version is new, it would be possible, allegedly, to later on perform the Upgrade. An attacker can send an HTTP request to trigger this vulnerability.

N/A

访问控制不恰当

Reolink Rlc-410W 访问控制错误漏洞

Reolink Rlc-410W是中国Reolink公司的一款 Wifi 安全摄像头。 Reolink RLC-410W v3.0.0.136_20121102 版本的cgiserver.cgi cgi_check_ability 存在访问控制错误漏洞，一个特别制作的HTTP请求可能导致拒绝服务。攻击者可以通过发送HTTP请求来触发该漏洞。

N/A

N/A