关键信息 CVE-2020-25173 Detail Description: An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access. CVSS Severity and Vector Strings: - Base Score: 7.8 HIGH - Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Weakness Enumeration CWE-798: Use of Hard-coded Credentials (Source: NIST) CWE-321: Use of Hard-coded Cryptographic Key (Source: ICS-CERT) Known Affected Software Configurations Configuration 1: cpe:2.3:o:reolink:rlc-410_firmware:::::::: Configuration 2: cpe:2.3:o:reolink:rlc-422_firmware:::::::: Configuration 3: cpe:2.3:o:reolink:rlc-510a_firmware:::::::: Configuration 4: cpe:2.3:o:reolink:rlc-423s_firmware:::::::: Configuration 5: cpe:2.3:o:reolink:rlc-423_firmware:::::::: Configuration 6: cpe:2.3:o:reolink:rlc-410p_firmware:::::::: Configuration 7: cpe:2.3:o:reolink:rlc-520a_firmware:::::::: Quick Info CVE Dictionary Entry: CVE-2020-25173 NVD Published Date: 03/26/2021 NVD Last Modified: 11/21/2024 Source: ICS-CERT