CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jan 8, 2025
High
CISA KEVCVE-2019-11001
Reolink—Multiple IP Cameras
Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W IP cameras contain an authenticated OS command injection vulnerability. This vulnerability allows an authenticated admin to use the "TestEmail" functionality to inject and run OS commands as root.
Required Action
https://reolink.com/product-eol/ ; https://reolink.com/download-center/ ; https://nvd.nist.gov/vuln/detail/CVE-2019-11001
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Dec 18, 2024
- KEV Added
- Dec 18, 2024
- Due Date
- Jan 8, 2025
- Related Articles
- 0
Vendor
Reolink
Multiple IP Cameras