CVE-2025-55637
Published: 22 August 2025
Summary
CVE-2025-55637 is a critical-severity Command Injection (CWE-77) vulnerability in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 16.4% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime firmware version 3.0.0.4662_2503122283 contains a command injection vulnerability in the setddns_pip_system() function. The flaw is tracked as CVE-2025-55637 with a CVSS 3.1 score of 9.8 and is classified under CWE-77, indicating improper neutralization of special elements used in a command.
The vulnerability can be exploited remotely by an unauthenticated attacker over the network. Successful exploitation grants the ability to execute arbitrary commands on the affected device, resulting in full compromise of confidentiality, integrity, and availability.
The EPSS score remains flat at 0.0189 with no observed increase after disclosure. The provided references consist of a CWE definition page and a disclosure note on a Notion site but contain no details on patches or mitigation steps.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-25598
Vulnerability details
Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 was discovered to contain a command injection vulnerability via the setddns_pip_system() function.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Direct, remote, unauthenticated command injection in a network-exposed device enables exploitation of a public-facing application for arbitrary command execution.
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): requires validation and sanitization of inputs to the setddns_pip_system() function, directly preventing command injection.
- AC-3 (Access Enforcement): enforces access control policies requiring authentication and authorization before vulnerable functions can be invoked, blocking unauthenticated network-based exploitation.
- Mandates timely remediation of the identified command injection flaw in the affected firmware version to eliminate the vulnerability.
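What the input-validation control (SI-10) looks like in practice, as an added example that is not Reolink's firmware code and does not reproduce setddns_pip_system(): a hypothetical allow-list check for the DDNS hostname, and an update path that hands the value to the client as an argv element via execv instead of interpolating it into a shell command. The updater path and its `--host` flag are assumptions; `/bin/echo` stands in for the real DDNS client so the block runs offline.

```c
#include <stdbool.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Allow-list check for a DDNS hostname: dot-separated labels of
 * [A-Za-z0-9-], 1..63 chars each, no leading/trailing hyphen, <= 253
 * chars total. Metacharacters, spaces, quotes and newlines all fail. */
bool ddns_host_is_valid(const char *host)
{
    size_t len = host ? strlen(host) : 0;
    if (len == 0 || len > 253) return false;
    size_t label = 0;
    for (size_t i = 0; i < len; i++) {
        char c = host[i];
        bool alnum = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                     (c >= '0' && c <= '9');
        if (c == '.') {               /* end of label: must be non-empty */
            if (label == 0 || host[i - 1] == '-') return false;
            label = 0;
            continue;
        }
        if (!alnum && !(c == '-' && label > 0)) return false;
        if (++label > 63) return false;
    }
    return label > 0 && host[len - 1] != '-';
}

/* Hardened update path (hypothetical, not the vendor's code): validate,
 * then fork/execv with an argv vector so no shell ever parses the value.
 * updater is the DDNS client binary (/bin/echo stands in offline).
 * Returns the child's exit status, -1 if rejected or exec fails. */
int ddns_update_noshell(const char *updater, const char *host)
{
    if (!ddns_host_is_valid(host)) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        /* each argv element is delivered verbatim; nothing is re-parsed */
        char *const argv[] = { (char *)updater, "--host", (char *)host, NULL };
        execv(updater, argv);
        _exit(127);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}
```

The allow-list is the primary control; the argv-based exec is defence in depth so that even a value that slips past validation is never interpreted by a shell.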