CVE-2025-60855

Sažetak

Reolink Video Doorbell WiFi DB_566128M5MP_W performs insufficient validation of firmware update signatures. This allows attackers to load malicious firmware images, resulting in arbitrary code execution with root privileges.

Reference

https://cybermaya.in/posts/Post-45/
https://reolink.com/download-center/

CVSS

Base:	5.1
Impact:	4.2
Exploitability:	0.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	HIGH	NONE

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N

Zadnje važnije ažuriranje

16-10-2025 - 20:15

Objavljeno

16-10-2025 - 19:15