CNNVD-202510-2722 Information

CNNVD ID

CNNVD-202510-2722

Related CVE

CVE-2025-56800

• CNNVD Published: 2025-10-21

Description (Chinese)

Reolink desktop application是美国Reolink公司的一个安全摄像头监控软件。 Reolink desktop application 8.18.12版本存在安全漏洞，该漏洞源于本地身份验证机制实现不当，攻击者可通过修改JavaScript属性a.settingsManager.lockScreenPassword绕过身份验证。

Description (English)

Reolink desktop application is a security camera monitoring software for Reolink. There is a security loophole in version 8.18.12 of Reolink desktop application, which stems from the improper implementation of local identification mechanisms, and the attackers can circumvent identification by modifying JavaScript propertya.settingsManager.lockScreenPassword.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Reolink

Published

2025-10-21

Last Modified

2026-02-24

References

https://shinycolumn.notion.site/reolink-auth-bypass https://github.com/shinyColumn/CVE-2025-56800 https://access.redhat.com/security/cve/cve-2025-56800