CVE-2020-25169
Severity CVSS v4.0:
Pending analysis
Type:
CWE-319
Cleartext Transmission of Sensitive Information
Publication date:
26/01/2021
Last modified:
01/02/2021
Description
The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:reolink:rln8-410_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:reolink:rln8-410:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:reolink:rlc-422_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:reolink:rlc-422:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:reolink:rlc-510a_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:reolink:rlc-510a:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:reolink:rlc-410_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:reolink:rlc-410:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:reolink:rlc-423s_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:reolink:rlc-423s:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:reolink:rlc-423_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:reolink:rlc-423:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:reolink:rlc-520a_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:reolink:rlc-520a:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page