CVE-2019-11001

HIGH KEV

Reolink RLC-410W Firmware < 1.0.227 - OS Command Injection

Description

On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field.

Scores

CVSS v3 7.2
EPSS 0.3837
EPSS Percentile 97.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2024-12-18
VulnCheck KEV 2024-12-18
InTheWild.io 2024-12-18
ENISA EUVD EUVD-2019-2715
CWE CWE-78
Status published
Products (5)
reolink/c1_pro_firmware < 1.0.227
reolink/c2_pro_firmware < 1.0.227
reolink/rlc-410w_firmware < 1.0.227
reolink/rlc-422w_firmware < 1.0.227
reolink/rlc-511w_firmware < 1.0.227
Published Apr 08, 2019
KEV Added Dec 18, 2024
Tracked Since Feb 18, 2026