Filtered by vendor Reolink
Subscriptions
Filtered by product Reolink
Subscriptions
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55620 | 1 Reolink | 1 Reolink | 2025-08-23 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the valuateJavascript() function of Reolink v4.54.0.4.20250526 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2025-55625 | 1 Reolink | 1 Reolink | 2025-08-23 | 6.5 Medium |
| An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL. | ||||
| CVE-2025-55622 | 1 Reolink | 1 Reolink | 2025-08-23 | 6.5 Medium |
| Reolink v4.54.0.4.20250526 was discovered to contain a task hijacking vulnerability due to inappropriate taskAffinity settings. | ||||
| CVE-2025-55619 | 2 Google, Reolink | 2 Android, Reolink | 2025-08-23 | N/A |
| Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering. | ||||
| CVE-2025-55624 | 1 Reolink | 1 Reolink | 2025-08-23 | 5.3 Medium |
| An intent redirection vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access internal functions or access non-public components. | ||||
| CVE-2025-55623 | 2 Google, Reolink | 2 Android, Reolink | 2025-08-23 | 5.4 Medium |
| An issue in the lock screen component of Reolink v4.54.0.4.20250526 allows attackers to bypass authentication via using an ADB (Android Debug Bridge). | ||||
| CVE-2025-55621 | 1 Reolink | 1 Reolink | 2025-08-23 | 6.5 Medium |
| An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL. | ||||
Page 1 of 1.