An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior that supports redirection to Alexa URLs, which are not guaranteed to remain at the same domain indefinitely.
History

Mon, 01 Sep 2025 21:15:00 +0000

Type Values Removed Values Added
Description An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL. An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior that supports redirection to Alexa URLs, which are not guaranteed to remain at the same domain indefinitely.

Thu, 28 Aug 2025 14:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:reolink:reolink:4.54.0.4.20250526:*:*:*:*:android:*:*

Sat, 23 Aug 2025 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Reolink
Reolink reolink
Vendors & Products Reolink
Reolink reolink

Fri, 22 Aug 2025 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-601
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 22 Aug 2025 17:00:00 +0000

Type Values Removed Values Added
Description An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-09-01T21:09:47.438Z

Reserved: 2025-08-13T00:00:00.000Z

Link: CVE-2025-55625

cve-icon Vulnrichment

Updated: 2025-08-22T20:00:10.344Z

cve-icon NVD

Status : Modified

Published: 2025-08-22T17:15:34.250

Modified: 2025-09-01T21:15:28.223

Link: CVE-2025-55625

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-23T11:53:12Z