CVE-2025-55630

CVSS 7.3 HIGHEPSS 0.2%CWE-284

A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 when entering the wrong username and password allows attackers to enumerate existing accounts.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://relieved-knuckle-264.notion.site/User-Enumeration-Vulnerability-23c43700364280b6a46ae6302818b77e?source=copy_link