CVE-2026-57473: Use of Weak Credentials in Reolink Home Hub

Nozomi Networks Labs reported CVE-2026-57473 on June 26, 2026. The vulnerability, titled Use of Weak Credentials, is a CWE-1391 issue in the netclient and factory services of Reolink Home Hub. It stems from the possibility of brute-force cracking of the credentials in versions prior to v3.3.0.456_26031911, the advisory states. An adjacent attacker may intercept traffic and compromise credentials of associated cameras. The vulnerability carries a CVSS score of 5.8 based on the vector CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H. It affects Reolink Home Hub versions prior to v3.3.0.456_26031911. The solution is to update to at least version v3.3.0.456_26031911, which addresses the issue. The advisory credits Raffaele Bova at Nozomi Networks. The report appears on the Nozomi Networks Labs site.