Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vul | 5 Aug 201600:00 | – | zdt |
 | NUUO NVRmini 2 and NetGear ReadyNAS Surveillance Buffer Overflow Vulnerability | 14 Aug 201600:00 | – | cnvd |
 | CVE-2016-5680 | 31 Aug 201615:00 | – | cvelist |
 | NUUO NVRmini2 NVRsolo Crystal Devices NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities | 5 Aug 201600:00 | – | exploitpack |
 | CVE-2016-5680 | 31 Aug 201615:59 | – | nvd |
 | NUUO NVRmini 2 <= 3.0.8 Multiple Vulnerabilities - Active Check | 23 Aug 201600:00 | – | openvas |
 | NUUO NVRmini2 / NVRsolo / Crystal And NETGEAR ReadyNAS Code Execution | 4 Aug 201600:00 | – | packetstorm |
 | Stack overflow | 31 Aug 201615:59 | – | prion |
 | Multiple remote vulnerabilities (RCE, bof) in Nuuo NVR and NETGEAR Surveillance | 8 May 201800:00 | – | seebug |
 | NUUO and Netgear Network Video Recorder (NVR) products web interfaces contain multiple vulnerabilities | 4 Aug 201600:00 | – | cert |
10
| Source | Link |
|---|---|
| securityfocus | www.securityfocus.com/bid/92318 |
| exploit-db | www.exploit-db.com/exploits/40200/ |
| kb | www.kb.cert.org/vuls/id/856152 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| cmd | query param | /cgi-bin/cgi_main | Command injection and stack-based overflow in transfer_license via the sn parameter (CVE-2016-5680). | CWE-119 |
| transfer_license | query param | /cgi-bin/cgi_main | Command injection and stack-based overflow in transfer_license via the sn parameter (CVE-2016-5680). | CWE-119 |
| method | query param | /cgi-bin/cgi_main | Command injection and stack-based overflow in transfer_license via the sn parameter (CVE-2016-5680). | CWE-119 |
| offline | query param | /cgi-bin/cgi_main | Command injection and stack-based overflow in transfer_license via the sn parameter (CVE-2016-5680). | CWE-119 |
| sn | query param | /cgi-bin/cgi_main | Command injection and stack-based overflow in transfer_license via the sn parameter (CVE-2016-5680). | CWE-119 |
| act | query param | /handle_daylightsaving.php | Remote code execution via unsanitized NTPServer input in update action. | CWE-119 |
| NTPServer | query param | /handle_daylightsaving.php | Remote code execution via unsanitized NTPServer input in update action. | CWE-119 |
| cmd | query param | /cgi-bin/cgi_system | Authorization-agnostic admin password reset via cgi_system with cmd=loaddefconfig. | CWE-119 |
| log | query param | /__debugging_center_utils___.php | Information disclosure/vector via log parameter feeding system() in a debugging utility. | CWE-119 |
| username | post data | /__nvr_status___.php | Information disclosure exposing system processes/memory/filesystem status via hidden page. | CWE-119 |
10
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
06 May 2026 22:30Current
8.3High risk
Vulners AI Score8.3
CVSS 38.8
CVSS 29
EPSS0.33302