Exploitation Summary
CVE-2021-40149 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.
Nuclei Templates (1)
Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure
MEDIUMVERIFIEDby For3stCo1d
Shodan:
http.title:"Reolink"
FOFA:
title="reolink"
References (3)
Core 3
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/167407/Reolink-E1-Zoom-Camera-3.0.0.716-Private-Key-Disclosure.html
Exploit, Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2022/Jun/0
Exploit, Third Party Advisory x_refsource_misc
https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2021-40149.txt
Scores
CVSS v3
5.9
EPSS
0.0567
EPSS Percentile
92.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-552
Status
published
Products (1)
reolink/e1_zoom_firmware
< 3.0.0.716
Published
Jul 17, 2022
Tracked Since
Feb 18, 2026