Reolink RLC-410W IP Camera OS Command Injection Vulnerability
Reolink RLC-410W IP cameras contain an authenticated OS command injection vulnerability in the device network settings functionality.
A remote attacker, with administrative privileges, can achieve full data confidentiality loss, arbitrary modification of data, complete denial of service or system unavailability. Federal agencies are required to remediate by 2025-01-08 under CISA BOD 22-01.
This is a OS Command Injection (CWE-78) vulnerability in Reolink RLC-410W IP Camera. An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] or [2], based on DDNS type, the ddns->domain variable, that has the value of the domain parameter provided through the SetDdns API, is not validated properly. This would lead to an OS command injection. An attacker can send an HTTP request to trigger this vulnerability. Exploitation requires remote network access, low attack complexity, an administrative account, and no user interaction required.
Probably yes if any of these apply:
Active exploitation documented in the wild. Threat-research write-up: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1424
Manual remediation steps
Apply the Vendor Patch
This vulnerability is in the CISA Known Exploited Vulnerabilities catalog — apply the vendor's security update as soon as possible.
CISA required action: The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization if a current mitigation is unavailable.
References
No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.
References