GCVE - cpe:2.3:o:reolink:smart_2k\+_plug-in_wi-fi_video_doorbell_with_chime_firmware:3.0.0.4662

Approved changes feed: RSS · Atom

cpe:2.3:o:reolink:smart_2k\+_plug-in_wi-fi_video_doorbell_with_chime_firmware:3.0.0.4662_2503122283:*:*:*:*:*:*:*

part: o version: 3.0.0.4662_2503122283 update: *

Vendor	Reolink (`b49896ec-72c3-57ee-8581-bf98824c2ad2`)
Product	Smart 2K+ Plug In Wi Fi Video Doorbell With Chime Firmware (`66d24110-4b9b-5de4-9f05-75229cf71dd9`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-55637`	vulnerable	2026-06-03 15:04:58.843911	Details available Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 was discovered to contain a command injection vulnerability via the setddns_pip_system() function. Published: 2025-08-22T00:00:00.000Z Updated: 2025-08-22T17:57:01.696Z Open on db.gcve.eu Reference links https://cwe.mitre.org/data/definitions/78.html https://relieved-knuckle-264.notion.site/Reolink-camera-command-injection-Ddns-username-23f437003642800f83aef6b07f914212?pvs=74	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-55634`	vulnerable	2026-06-03 15:04:58.843435	Details available Incorrect access control in the RTMP server settings of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows unauthorized attackers to cause a Denial of Service (DoS) via initiating a large number of simultaneous ffmpeg-based stream pushes. Published: 2025-08-22T00:00:00.000Z Updated: 2025-08-22T17:58:04.736Z Open on db.gcve.eu Reference links https://cwe.mitre.org/data/definitions/400.html https://cwe.mitre.org/data/definitions/306.html https://relieved-knuckle-264.notion.site/RTMP-Injection-DoS-through-Unauthenticated-Stream-Publish-23c437003642800297c8c128b6117885?pvs=74	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-55630`	vulnerable	2026-06-03 15:04:58.840510	Details available A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 when entering the wrong username and password allows attackers to enumerate existing accounts. Published: 2025-08-22T00:00:00.000Z Updated: 2025-08-22T18:01:17.720Z Open on db.gcve.eu Reference links https://relieved-knuckle-264.notion.site/User-Enumeration-Vulnerability-23c43700364280b6a46ae6302818b77e?source=copy_link	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Smart 2K+ Plug In Wi Fi Video Doorbell With Chime Firmware

PURL mappings

Vulnerability references

Contribute