RLN36 Kills all my camers. Major security flaw found!

user_612681119584296_612681119584296

So I have posted before about getting some more Reolink products namely the RLN36 so I can hopefully transition from a power hungry blue iris server to a new platform. Well I purchased a RLN36 and got around to hooking it up tonight.

All of my cameras are paired with blue iris and every single Reolink camera went offline the second I turned on the new NVR. I cant access the cameras individually from the mobile app or web browser. I am about to try and shut the NVR down and see what happens but the fact this happened at all is disturbing. Yes there is no 100% certain way to guard a independent vlan with wires going into the field. So what you are telling me is that someone only has to purchase a Reolink NVR and either attach it physically or gain access to a wifi network on the same VLAN and completely cripple a system? Why is this a thing? This is a major security flaw.

Meanwhile there seems to be no option for me to add cameras remotely to the thing. So I have to physically drag a monitor out to where I have it hooked up and configure each camera with that little mouse the thing came with???

user_612681119584296_612681119584296

@user_612681119584296_612681119584296

Looking at the logs it has apparently provided a different IP address, login, and passcode to each camera. I never gave the NVR credentials to connect to them? This is a major security issue!!!! There should never be a feature on any manufactures cameras that allows a device to bypass DHCP and reassign IP addresses to the thing without the login and password from the admin. Luckily it resets the cameras when you power cycle the POE port but it still does not change the fact that plugging in the device into the network completely overides the user name and password and changes the IP address.

So, what protocol is the NVR using to do this? Other than just plugging up a reolink NVR to a network of reolink cameras what command can someone on the network send to the cameras to just cause this? Is there a way to turn this off and when are you all planning on releasing firmware upgrades to fix this giant security flaw?

Also, I am glad my camera VLAN is airgapped because this flaw could be used to remotely disable cameras too. Someone really screwed the pooch on this one.

Reolink Fiona

@user_612681119584296_612681119584296
Hi there, I would like to explain something to you.

The NVR and the connected cameras are one. So if you want to view the cameras on the APP/Client, you just need to connect the NVR using the NVR UID.

If you want to connect the NVR camera as a standalone camera, you can connect the PoE switch to the same router as the NVR instead of connecting the switch directly to the NVR. In this way, you can add the cameras to the APP individually.

If you set the password for the individual camera first and then connect it to the NVR, you need to input the password of the camera on the NVR monitor. You can also set the password for the NVR. Guide to set the NVR password: https://support.reolink.com/hc/en-us/articles/900000665623-How-to-Enable-Disable-Password-via-Reolink-PoE-NVR

You can let me know if you have any questions.