CVE-2020-25173

Summary

An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access

Affected Software

VendorProductVersion RangeStatus
ReolinkRLC-4XX seriesAll versionsaffected
ReolinkRLC-5XX seriesAll versionsaffected
ReolinkRLN-X10 seriesAll versionsaffected

Weaknesses

  • CWE-321: USE OF HARD-CODED CRYPTOGRAPHIC KEY CWE-321

ADP Enrichment

CVE Program Container

Additional References

References