CVE-2025-55634: n/a
Incorrect access control in the RTMP server settings of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows unauthorized attackers to cause a Denial of Service (DoS) via initiating a large number of simultaneous ffmpeg-based stream pushes.
AI Analysis
Technical Summary
CVE-2025-55634 affects the RTMP server settings of the Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime, firmware version 3.0.0.4662_2503122283. The RTMP server configuration enforces access control incorrectly, so an unauthenticated attacker with network access to the device can initiate a large number of simultaneous ffmpeg-based stream pushes. Because the device does not sufficiently restrict how many streams may be started, the flood exhausts its streaming capacity and leaves it unavailable or unresponsive, a Denial of Service (DoS). No CVSS score has been assigned, no exploitation in the wild has been reported, and no patch links are listed, which suggests a fix may not yet be publicly available or disclosed. The impact is primarily to availability: the doorbell's core function is disrupted, and the device may contribute to broader network disruption if it is part of a larger security or IoT deployment.
Potential Impact
For European organizations deploying Reolink Smart 2K+ Wi-Fi Video Doorbells in residential, commercial, or critical infrastructure environments, this vulnerability is a risk to operational continuity and physical security monitoring. A successful DoS attack disables the device's video surveillance capability, leaving gaps in coverage and raising the risk of unauthorized physical access or undetected incidents. Organizations that rely on these devices for real-time monitoring or that integrate them with broader security systems may see cascading effects, including delayed incident response and reduced situational awareness. If the devices sit on corporate or home networks, the DoS condition may also cause congestion or instability that affects other connected systems. Exploitation requires no authentication, so attackers need no prior access or credentials. Although no exploits are currently known to be active, public disclosure may prompt attackers to develop tooling, so the risk grows over time.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should first verify whether their Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell devices are running the affected firmware version 3.0.0.4662_2503122283. If so, they should monitor Reolink's official channels for a firmware update addressing this issue and apply it promptly once available. In the interim, network-level controls should restrict access to the RTMP server ports from untrusted networks, ideally limiting connections to trusted IP addresses or VLANs. Segmenting IoT devices such as video doorbells from critical infrastructure and corporate networks reduces the attack surface. Rate limiting or traffic shaping at the network edge can limit the impact of many simultaneous stream requests. Organizations should also audit device configurations and disable unnecessary streaming services or features where possible. Continuous monitoring for traffic patterns indicative of ffmpeg stream-flood attempts should be established, with alerts configured for suspected exploitation. Finally, organizations should consider alternative or additional physical security measures to compensate for potential video monitoring outages.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Belgium, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2025-08-13T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 68a8a2b8ad5a09ad00208652
Added to database: 8/22/2025, 5:02:48 PM
Last enriched: 8/22/2025, 5:18:02 PM
Last updated: 10/6/2025, 5:01:01 PM