📦 Reolink
by Reolink
🔍 What is Reolink?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
The Reolink desktop application uses a predictable AES encryption key to protect user configuration files, allowing attackers with local system access to decrypt sensitive application data stored in %...
The Reolink desktop application version 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism. An attacker could execute arbitrary commands by crafting a malicio...
This vulnerability allows local attackers to bypass the lock screen authentication in Reolink desktop applications by modifying client-side JavaScript. It affects users of Reolink desktop software who...
The Reolink Desktop Application uses predictable initialization vectors in its AES-CFB encryption, potentially allowing attackers with local access to decrypt sensitive configuration data. This affect...
This CVE describes an intent redirection vulnerability in Reolink mobile app version 4.54.0.4.20250526 that allows attackers to bypass intended restrictions and access internal app functions or non-pu...
An open redirect vulnerability in Reolink firmware allows attackers to craft URLs that redirect users to malicious websites. This affects users of Reolink devices running vulnerable firmware versions....
An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized users to access and download other users' profile photos by manipulating URL parameters. This...
This CVE describes a task hijacking vulnerability in Reolink software where inappropriate taskAffinity settings could allow malicious apps to intercept legitimate app tasks. This affects users of Reol...
This vulnerability allows attackers to bypass the lock screen authentication on Reolink mobile apps by exploiting Android Debug Bridge (ADB) access. It affects users of Reolink v4.54.0.4.20250526 who ...
This cross-site scripting (XSS) vulnerability in Reolink's valuateJavascript() function allows attackers to inject and execute malicious JavaScript or HTML code. It affects Reolink users running vulne...