7.5
CVE-2020-25169
- EPSS 0.11%
- Veröffentlicht 26.01.2021 18:15:43
- Zuletzt bearbeitet 21.11.2024 05:17:32
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginThe affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Reolink ≫ Rln8-410 Firmware Version-
Reolink ≫ Rlc-422 Firmware Version-
Reolink ≫ Rlc-510a Firmware Version-
Reolink ≫ Rlc-410 Firmware Version-
Reolink ≫ Rlc-423s Firmware Version-
Reolink ≫ Rlc-423 Firmware Version-
Reolink ≫ Rlc-520a Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.308 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-319 Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.