CVE-2025-56799
Published: 21 October 2025
Summary
CVE-2025-56799 is a medium-severity Command Injection (CWE-77) vulnerability in Reolink Reolink. Its CVSS base score is 6.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Windows Command Shell (T1059.003); ranked in the top 14.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-35237
Vulnerability details
Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name. NOTE: this is disputed by the Supplier because a crafted folder name would arise only if the local user were attacking…
more
himself.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
OS command injection vulnerability in the application's scheduled cache-clearing mechanism allows arbitrary command execution via crafted folder name in the path, using Windows Command Shell (rd /s /q) on Windows and Unix Shell (rm -rf) on macOS. The daily scheduler facilitates persistent execution.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.