5 matches found
CVE-2018-17936
creationtimestamp| type| source ---|---|--- 2019-02-20 13:59:43+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/nuuo/nuuocmsfu.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:06+00:00| seen|...
Nuuo Central Management Server 2.4 Authenticated Arbitrary File Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Nuuo Central Management Server Authenticated Arbitrary File Upload", 'Description' = %q The COMMITCONFIG verb is used by a CMS client to upload a...
CVE-2018-17936
NUUO CMS (Central Management System) All versions up to 3.3 and prior are affected by an authenticated Arbitrary File Upload vulnerability. The COMMITCONFIG FileName parameter accepts directory traversal, allowing an attacker to upload/overwrite configuration files on the CMS Server and potential...
CVE-2018-17936
NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution...
CVE-2018-17936
NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution...