Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Jan 8, 2025

CVE-2021-40407

High
EPSS 32.6%CISA KEV
Reolink/RLC-410W IP Camera

Description

Reolink RLC-410W IP cameras contain an authenticated OS command injection vulnerability in the device network settings functionality.

EPSS — Exploit Probability

32.6%

Higher than 96.8% of all CVEs

Required Action

https://reolink.com/product-eol/ ; https://reolink.com/download-center/ ; https://nvd.nist.gov/vuln/detail/CVE-2021-40407

Risk Assessment

ELEVATED
In CISA KEV

Details

Severity
High
EPSS
32.6%
CISA KEV
Yes
Ransomware
Unknown
Articles
0

Timeline

Published

Dec 18, 2024

Added to KEV

Dec 18, 2024

Remediation Due

Jan 8, 2025

Affected Product

Reolink

RLC-410W IP Camera

View all Reolink CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE