CVE-2022-21217

Name of the Vulnerable Software and Affected Versions reolink RLC-410W version 3.0.0.136 20121102

Description An out-of-bounds write issue exists in the device's TestEmail functionality. A specially-crafted network request can lead to an out-of-bounds write. An attacker can send an HTTP request to trigger this issue, potentially impacting the confidentiality, integrity, and availability of protected information.

Recommendations For reolink RLC-410W version 3.0.0.136 20121102, as a temporary workaround, consider disabling the TestEmail functionality until a patch is available. Restrict access to the vulnerable functionality to minimize the risk of exploitation. Avoid using the affected device's TestEmail feature until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.