CNNVD-202510-2720 Information

CNNVD ID

CNNVD-202510-2720

Related CVE

CVE-2025-56801

• CNNVD Published: 2025-10-21

Description (Chinese)

Reolink desktop application是美国Reolink公司的一个安全摄像头监控软件。 Reolink desktop application 8.18.12版本存在安全漏洞，该漏洞源于AES-CFB加密实现中使用硬编码凭据作为初始化向量，可能导致攻击者解密加密配置数据。

Description (English)

Reolink desktop application is a security camera monitoring software for Reolink. There is a security loophole in version 8.18.12 of Reolink desktop application, which stems from the use of hard-coding as an initialization vector for AES-CFB encryption, which may lead to the decryption of encrypted data by the assailant.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Reolink

Published

2025-10-21

Last Modified

2026-02-24

References

https://shinycolumn.notion.site/reolink-aes-iv https://github.com/shinyColumn/CVE-2025-56801 https://access.redhat.com/security/cve/cve-2025-56801