CVE-2022-21796

Name of the Vulnerable Software and Affected Versions Reolink RLC-410W version 3.0.0.136 20121102

Description A memory corruption issue exists in the netserver parse command list functionality, related to an out-of-bounds write operation. This can be triggered by a specially-crafted HTTP request, potentially allowing a remote attacker to cause a denial of service.

Recommendations For Reolink RLC-410W version 3.0.0.136 20121102, consider restricting access to the netserver parse command list functionality until a patch is available. As a temporary workaround, avoid using the vulnerable functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.