CVE-2025-56800

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-56800

5.1 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 2.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

R

eolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned via a modifiable JavaScript property(a.settingsManager.lockScreenPassword), an attacker can patch the return value to bypass authentication. NOTE: this is disputed by the Supplier because the lock-screen bypass would only occur if the local user modified his own instance of the application.

References
Link Resource
https://github.com/shinyColumn/CVE-2025-56800 Exploit Third Party Advisory
https://shinycolumn.notion.site/reolink-auth-bypass Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:reolink:reolink:8.18.12:*:*:*:desktop:*:*:*
History

17 Nov 2025, 12:46

Type Values Removed Values Added
References () https://github.com/shinyColumn/CVE-2025-56800 - () https://github.com/shinyColumn/CVE-2025-56800 - Exploit, Third Party Advisory
References () https://shinycolumn.notion.site/reolink-auth-bypass - () https://shinycolumn.notion.site/reolink-auth-bypass - Exploit, Third Party Advisory
CPE cpe:2.3:a:reolink:reolink:8.18.12:*:*:*:desktop:*:*:*
First Time Reolink
Reolink reolink

22 Oct 2025, 14:15

Type Values Removed Values Added
Summary (en) Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned via a modifiable JavaScript property(a.settingsManager.lockScreenPassword), an attacker can patch the return value to bypass authentication. (en) Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned via a modifiable JavaScript property(a.settingsManager.lockScreenPassword), an attacker can patch the return value to bypass authentication. NOTE: this is disputed by the Supplier because the lock-screen bypass would only occur if the local user modified his own instance of the application.

21 Oct 2025, 21:15

Type Values Removed Values Added
CWE CWE-290
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.1

21 Oct 2025, 19:21

Type Values Removed Values Added
New CVE
Information

Published : 2025-10-21 19:21

Updated : 2025-11-17 12:46

NVD link : CVE-2025-56800

Mitre link : CVE-2025-56800

CVE.ORG link : CVE-2025-56800

JSON object : View

Products Affected

reolink

CWE
CWE-290

Authentication Bypass by Spoofing