Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vul | 5 Aug 201600:00 | – | zdt |
 | CVE-2016-5676 | 29 May 201815:50 | – | circl |
 | Multiple NUUO and NetGear Product Management Password Reset Vulnerability | 14 Aug 201600:00 | – | cnvd |
 | CVE-2016-5676 | 31 Aug 201615:00 | – | cvelist |
 | NUUO NVRmini2 NVRsolo Crystal Devices NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities | 5 Aug 201600:00 | – | exploitpack |
 | NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load and Administrator Password Reset | 4 Aug 201615:56 | – | metasploit |
 | CVE-2016-5676 | 31 Aug 201615:59 | – | nvd |
 | NUUO NVRmini 2 <= 3.0.8 Multiple Vulnerabilities - Active Check | 23 Aug 201600:00 | – | openvas |
 | CVE-2016-5676 | 31 Aug 201615:59 | – | osv |
 | NUUO NVRmini2 / NVRsolo / Crystal And NETGEAR ReadyNAS Code Execution | 4 Aug 201600:00 | – | packetstorm |
10
Node
OROROROROROROR
Node
| Source | Link |
|---|---|
| securityfocus | www.securityfocus.com/bid/92318 |
| exploit-db | www.exploit-db.com/exploits/40200/ |
| kb | www.kb.cert.org/vuls/id/856152 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| cmd | query param | cgi-bin/cgi_system | Administrator password reset via loaddefconfig through cgi_system (unauthenticated). | CWE-285 |
| log | query param | __debugging_center_utils___.php | Remote code execution via unsafely handled log parameter that can execute commands. | CWE-285 |
| act | query param | handle_daylightsaving.php | Remote command execution via unsafely passed NTPServer parameter in update action. | CWE-285 |
| NTPServer | query param | handle_daylightsaving.php | Remote command execution via unsafely passed NTPServer parameter in update action. | CWE-285 |
| username | nested / POST data | __nvr_status___.php | Information disclosure of system processes/memory/filesystem via status page authentication. | CWE-285 |
| password | nested / POST data | __nvr_status___.php | Information disclosure of system processes/memory/filesystem via status page authentication. | CWE-285 |
| submit | nested / POST data | __nvr_status___.php | Information disclosure of system processes/memory/filesystem via status page authentication. | CWE-285 |
| cmd | query param | cgi-bin/cgi_main | Command injection and stack buffer overflow in transfer_license via sn parameter (local/remote). | CWE-285 |
| method | query param | cgi-bin/cgi_main | Command injection and stack buffer overflow in transfer_license via sn parameter (local/remote). | CWE-285 |
| sn | query param | cgi-bin/cgi_main | Command injection and stack buffer overflow in transfer_license via sn parameter (local/remote). | CWE-285 |
10
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 00:49Current
7.7High risk
Vulners AI Score7.7
CVSS 25
CVSS 37.5
EPSS0.53715