CVE-2025-55625

Published: Aug 22, 2025

Modified: Sep 11, 2025

PUBLISHED

Description

An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior that supports redirection to Alexa URLs, which are not guaranteed to remain at the same domain indefinitely.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://cwe.mitre.org/data/definitions/601.html

https://relieved-knuckle-264.notion.site/Reolink-Deeplink-Redirect-21b437003642804a865af2fb02942f66

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-55625

Description

Affected Products

References