Lucene search
HistoryJul 17, 2022 - 10:15 p.m.
CVE-2021-40149
cve-2021-40149
e1 zoom camera
web server
ssl private key disclosure
vulnerability
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.009 Low
EPSS
Percentile
83.2%
The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.
Affected configurations
Node
reolinke1_zoomMatch-
reolinke1_zoom_firmwareRange≤3.0.0.716
| CPE | Name | Operator | Version |
|---|---|---|---|
| reolink:e1_zoom_firmware | reolink e1 zoom firmware | le | 3.0.0.716 |
References
Social References
More
Related
prion
prion
Code injection
2022-07-17 22:15:00
cvelist
cvelist
CVE-2021-40149
2022-07-17 21:36:27
zdt
zdt
Reolink E1 Zoom Camera 3.0.0.716 Private Key Disclosure Vulnerability
2022-06-07 00:00:00
packetstorm
packetstorm
Reolink E1 Zoom Camera 3.0.0.716 Private Key Disclosure
2022-06-06 00:00:00
nuclei
nuclei
Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure
2022-06-07 04:54:50
nvd
nvd
CVE-2021-40149
2022-07-17 22:15:08
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.009 Low
EPSS
Percentile
83.2%
Related for CVE-2021-40149