Nuuo Central Management Server Authenticated Arbitrary File Download

🗓️ 27 Nov 2018 00:00:00Reported by AttackerKBType

Nuuo Central Management Server allows authenticated users to download files using a directory traversal flaw in the FileType header.

Reporter	Title	Published	Views	Family All 7
Prion	Code injection	27 Nov 201820:29	–	prion
Cvelist	CVE-2018-17934	27 Nov 201821:00	–	cvelist
CVE	CVE-2018-17934	27 Nov 201821:00	–	cve
NVD	CVE-2018-17934	27 Nov 201820:29	–	nvd
Metasploit	Nuuo Central Management Server Authenticated Arbitrary File Download	21 Jan 201910:17	–	metasploit
Packet Storm	Nuuo Central Management Server Authenticated Arbitrary File Download	31 Aug 202400:00	–	packetstorm
ICS	NUUO CMS (Update A)	11 Oct 201800:00	–	ics

Source	Link
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cvedetails	www.cvedetails.com/cve/CVE-2018-17934
ics-cert	www.ics-cert.us-cert.gov/advisories/ICSA-18-284-02
seclists	www.seclists.org/fulldisclosure/2019/Jan/51
raw	www.raw.githubusercontent.com/pedrib/PoC/master/advisories/nuuo-cms-ownage.txt

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Nov 2018 00:00Current

9.1High risk

Vulners AI Score9.1

EPSS0.37658