CVE-2019-11001

HIGHCISA KEV

7.2

Description

On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field.

CVE Details

CVSS v3.1 Score7.2

SeverityHIGH

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredHIGH

User InteractionNONE

Published4/8/2019

Last Modified11/6/2025

Sourcekev

Honeypot Sightings0

CISA KEV

VendorReolink

ProductMultiple IP Cameras

Vulnerability NameReolink Multiple IP Cameras OS Command Injection Vulnerability

KEV Date Added2024-12-18

Remediation Due Date2025-01-08

Ransomware UseUnknown

Affected Products

reolink:c1_proreolink:c1_pro_firmwarereolink:c2_proreolink:c2_pro_firmwarereolink:rlc-410wreolink:rlc-410w_firmwarereolink:rlc-422wreolink:rlc-422w_firmwarereolink:rlc-511wreolink:rlc-511w_firmware

Weaknesses (CWE)

CWE-78CWE-78

References

https://github.com/mcw0/PoC/blob/master/Reolink-IPC-RCE.py(cve@mitre.org)

https://www.vdoo.com/blog/working-with-the-community-%E2%80%93-significant-vulnerabilities-in-reolink-cameras/(cve@mitre.org)

https://github.com/mcw0/PoC/blob/master/Reolink-IPC-RCE.py(af854a3a-2127-422b-91ae-364da2661108)

https://www.vdoo.com/blog/working-with-the-community-%E2%80%93-significant-vulnerabilities-in-reolink-cameras/(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11001(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.