Skip to main content

Reolink Home Hub CVE-2026-57473

| EUVDEUVD-2026-39646 MEDIUM
Use of Weak Credentials (CWE-1391)
2026-06-26 Nozomi GHSA-xmw8-pxhc-cq64
5.8
CVSS 4.0 · Vendor: Nozomi
Share

Severity by source

Vendor (Nozomi) PRIMARY
5.8 MEDIUM
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
8.0 HIGH

Adjacent vector with high complexity for traffic interception prerequisite; no auth required; scope change to cameras with high C/I but no stated availability impact.

3.1 AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
4.0 AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N

Primary rating from Vendor (Nozomi).

CVSS VectorVendor: Nozomi

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Patch available
Jun 26, 2026 - 12:02 EUVD
Analysis Generated
Jun 26, 2026 - 11:22 vuln.today

DescriptionCVE.org

A vulnerability exists in the netclient and factory services of Reolink Home Hub (versions prior to v3.3.0.456_26031911) due to the possibility of brute-force cracking the credentials. This issue could allow attackers on the same local network to intercept traffic between the Hub and associated cameras and compromise the credentials of connected cameras.

AnalysisAI

Credential brute-force exposure in Reolink Home Hub (versions prior to v3.3.0.456_26031911) enables adjacent-network attackers to crack authentication credentials used between the Hub and its associated cameras. The netclient and factory services transmit or store credentials in a manner susceptible to brute-force attack, allowing an adversary on the same local network to intercept Hub-to-camera traffic and recover camera credentials. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain adjacent network access
Delivery
Intercept Hub-to-camera protocol traffic
Exploit
Capture credential material from netclient/factory services
Execution
Offline brute-force credential recovery
Persist
Authenticate to connected cameras
Impact
Access live feeds and reconfigure cameras

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to be on the same local network segment (Wi-Fi or LAN) as the Reolink Home Hub - remote internet-based exploitation is not possible given AV:A. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Real-world risk is moderate but context-dependent. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker connected to the same Wi-Fi network as the Reolink Home Hub - such as a guest network participant or a compromised device on the LAN - passively captures traffic between the Hub and its cameras using standard packet capture tools. The attacker extracts credential material from the netclient or factory service communications and applies offline brute-force techniques to recover plaintext camera credentials. …
Remediation The confirmed fix is upgrading Reolink Home Hub firmware to v3.3.0.456_26031911 or later, which addresses the weak credential handling in the netclient and factory services. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-57473 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy