Lucene search
HistoryJul 17, 2022 - 10:15 p.m.
CVE-2021-40149
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.009 Low
EPSS
Percentile
83.2%
The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.
Affected configurations
Node
reolinke1_zoomMatch-
reolinke1_zoom_firmwareRange≤3.0.0.716
Related
prion
prion
Code injection
2022-07-17 22:15:00
cvelist
cvelist
CVE-2021-40149
2022-07-17 21:36:27
cve
cve
CVE-2021-40149
2022-07-17 22:15:08
zdt
zdt
Reolink E1 Zoom Camera 3.0.0.716 Private Key Disclosure Vulnerability
2022-06-07 00:00:00
packetstorm
packetstorm
Reolink E1 Zoom Camera 3.0.0.716 Private Key Disclosure
2022-06-06 00:00:00
nuclei
nuclei
Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure
2022-06-07 04:54:50
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.009 Low
EPSS
Percentile
83.2%
Related for NVD:CVE-2021-40149