On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-04-08T17:00:21
Updated: 2024-08-04T22:40:15.887Z
Reserved: 2019-04-08T00:00:00
Link: CVE-2019-11001
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-04-08T17:29:00.590
Modified: 2019-04-09T14:11:43.437
Link: CVE-2019-11001
Redhat
No data.