CVE-2025-60855
📋 TL;DR
CVE-2025-60855 is a firmware validation vulnerability in Reolink Video Doorbell WiFi DB_566128M5MP_W that allows attackers to bypass signature checks and install malicious firmware. This leads to arbitrary code execution with root privileges, potentially compromising the entire device. The vulnerability affects users of this specific Reolink video doorbell model.
💻 Affected Systems
- Reolink Video Doorbell WiFi DB_566128M5MP_W
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete device takeover allowing attackers to disable security features, access video feeds, use the device as a network pivot point, or join botnets.
Likely Case
Attackers could install backdoored firmware to persistently monitor video feeds, disable doorbell functionality, or use the device for local network attacks.
If Mitigated
With proper network segmentation and monitoring, impact is limited to the compromised device without lateral movement.
🎯 Exploit Status
Exploitation requires network access to the device and the ability to trigger a firmware update. The vendor dispute suggests exploitation may be more complex than initially reported.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Reolink Download Center for latest firmware
Vendor Advisory: https://reolink.com/download-center/
Restart Required: Yes
Instructions:
1. Visit the Reolink Download Center.
2. Download the latest firmware for DB_566128M5MP_W.
3. Upload the firmware via the Reolink app/web interface.
4. The device will reboot automatically.
🔧 Temporary Workarounds
Network Segmentation
Isolate the video doorbell on a separate VLAN with restricted internet access
Disable Remote Firmware Updates
Configure the device to only accept manual firmware updates
🧯 If You Can't Patch
- Physically disconnect device from network if not essential
- Implement strict firewall rules blocking all inbound connections to the device
🔍 How to Verify
Check if Vulnerable:
Check the current firmware version in the Reolink app settings. If it is not the latest version from the Reolink Download Center, the device may be vulnerable.
Check Version:
Check via Reolink mobile app: Device Settings > System Information > Firmware Version
Verify Fix Applied:
After updating, verify firmware version matches latest available on Reolink Download Center.
📡 Detection & Monitoring
Log Indicators:
- Unexpected firmware update attempts
- Device reboots without user action
- Unusual network traffic from device
Network Indicators:
- Firmware download from non-Reolink sources
- Unusual outbound connections from device
SIEM Query:
source="reolink" AND (event="firmware_update" OR event="system_reboot")
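The three log indicators and the network indicator above can be checked mechanically once the doorbell's events are collected. The following is an added example written for this page, not code from Reolink or from the CVE record; it assumes the events have been normalised into key="value" log lines with fields ts, source, device, event, user and url (an assumed schema; real Reolink logs must be mapped to it first), and it treats only reolink.com hosts as legitimate firmware sources. The sample log lines are constructed.

```python
"""Detection helper for the CVE-2025-60855 log indicators.

Added example, not from the original page or from Reolink. Assumes an
assumed key="value" event schema: ts (ISO 8601), source, device, event,
user (empty when no user initiated the action) and url.
"""
import re
from datetime import datetime, timedelta
from urllib.parse import urlparse

KV_RE = re.compile(r'(\w+)="([^"]*)"')

# Hosts the page treats as legitimate firmware sources (Reolink's own domain);
# a download from anywhere else is flagged as "firmware from a non-Reolink source".
TRUSTED_DOWNLOAD_HOSTS = {"reolink.com", "www.reolink.com"}

# Constructed sample log lines (assumed schema, not real device output).
SAMPLE_LOG = [
    'ts="2025-01-10T09:00:00" source="reolink" device="doorbell1" event="firmware_update" user="admin" url="https://reolink.com/firmware/db.pak"',
    'ts="2025-01-10T09:02:00" source="reolink" device="doorbell1" event="system_reboot"',
    'ts="2025-01-11T03:14:00" source="reolink" device="doorbell1" event="firmware_update" user="" url="http://203.0.113.9/fw.pak"',
    'ts="2025-01-11T03:15:30" source="reolink" device="doorbell1" event="system_reboot"',
    'ts="2025-01-11T03:16:00" source="other" device="nas" event="system_reboot"',
]


def parse_line(line):
    """Turn one key="value" log line into a dict."""
    return dict(KV_RE.findall(line))


def matches_siem_query(event):
    """Same filter as the page's SIEM query:
    source="reolink" AND (event="firmware_update" OR event="system_reboot")."""
    return event.get("source") == "reolink" and event.get("event") in {
        "firmware_update",
        "system_reboot",
    }


def is_trusted_host(url):
    """True when the firmware URL points at Reolink's own domain."""
    host = (urlparse(url).hostname or "").lower()
    return host in TRUSTED_DOWNLOAD_HOSTS or host.endswith(".reolink.com")


def find_indicators(lines, reboot_window=timedelta(minutes=10)):
    """Return a list of (indicator_name, event) pairs for the page's indicators:
    - unexpected_firmware_update: firmware_update with no initiating user
    - untrusted_firmware_source: firmware fetched from a non-Reolink host
    - reboot_without_user_action: system_reboot not preceded (within
      reboot_window) by a user-initiated firmware update on the same device
    """
    events = [parse_line(line) for line in lines]
    events = [e for e in events if matches_siem_query(e)]
    findings = []
    last_user_update = {}  # device -> time of last user-initiated update

    for e in events:
        ts = datetime.fromisoformat(e["ts"])
        dev = e.get("device", "?")
        if e["event"] == "firmware_update":
            if e.get("user", "") == "":
                findings.append(("unexpected_firmware_update", e))
            else:
                last_user_update[dev] = ts
            url = e.get("url", "")
            if url and not is_trusted_host(url):
                findings.append(("untrusted_firmware_source", e))
        elif e["event"] == "system_reboot":
            recent = last_user_update.get(dev)
            if recent is None or ts - recent > reboot_window:
                findings.append(("reboot_without_user_action", e))
    return findings


if __name__ == "__main__":
    for name, ev in find_indicators(SAMPLE_LOG):
        print(f"{name}: device={ev.get('device')} ts={ev.get('ts')}")
```

Run against the constructed sample, the first update (user-initiated, downloaded from reolink.com) and the reboot two minutes later are treated as a normal patch cycle, while the later update with no user, fetched from an unrelated address, and the reboot that follows it produce three findings. The reboot window is a tunable assumption; set it to however long your devices take to apply an update.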