An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
The product uses a hard-coded, unchangeable cryptographic key.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Rlc-410w_firmware | Reolink | 3.0.0.136_20121102 (including) | 3.0.0.136_20121102 (including) |