21 matches found
CVE-2017-18378
In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $_GET['uploaddir'] is not escaped and is passed to system() through $tmpuploaddir, leading to upgradehandle.php?cmd=writeuploaddir remote command execution...
VulnCheck KEV: CVE-2017-18378
In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $_GET['uploaddir'] is not escaped and is passed to system() through $tmpuploaddir, leading to upgradehandle.php?cmd=writeuploaddir remote command execution...
NETGEAR ReadyNAS Surveillance Command Injection Vulnerability
NETGEAR ReadyNAS Surveillance is an add-on application for NETGEAR ReadyNAS from NETGEAR. The program extends surveillance video management capabilities for NETGEAR ReadyNAS devices. A command injection vulnerability exists in NETGEAR ReadyNAS Surveillance versions prior to 1.4.3-17 x86 and prior...
CVE-2017-18378
In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $_GET['uploaddir'] is not escaped and is passed to system() through $tmpuploaddir, leading to upgradehandle.php?cmd=writeuploaddir remote command execution...
Netgear ReadyNAS Surveillance 1.4.3-16 Remote Command Execution
Exploit Netgear ReadyNAS Surveillance 1.4.3-16 Unauthenticated RCE Date: 27.09.2017 Software Link: https://www.netgear.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description $_GET['uploaddir'] is not escaped a...
NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution
NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution Exploit Netgear ReadyNAS Surveillance 1.4.3-16 Unauthenticated RCE Date: 27.09.2017 Software Link: https://www.netgear.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl...
Netgear ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution
Exploit Netgear ReadyNAS Surveillance 1.4.3-16 Unauthenticated RCE Date: 27.09.2017 Software Link: https://www.netgear.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description $_GET['uploaddir'] is not escaped a...
CVE-2016-5677
NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an nvrstatus.php request...
CVE-2016-5676
cgi-bin/cgisystem in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action...
CVE-2016-5674
debuggingcenterutils.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter...
Command injection
cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transfer_license command...
CVE-2016-5680
CVE-2016-5680 corresponds to a stack-based buffer overflow in NUUO NVRmini 2 (firmware 1.7.6–3.0.0) and NETGEAR ReadyNAS Surveillance 1.1.2, triggered by the sn parameter to the transfer_license command in the cgi_main binary. The issue allows remote or local code execution and is part of a broad...
CVE-2016-5676
cgi-bin/cgisystem in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action...
CVE-2016-5677
NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an nvrstatus.php request...
CVE-2016-5680
Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn parameter to the transfer_license command...
CVE-2016-5674
CVE-2016-5674 affects NUUO NVRmini 2 (versions 1.7.5–3.0.0), NVRsolo (1.7.5–3.0.0), and NETGEAR ReadyNAS Surveillance (1.1.1–1.4.1). The vulnerability lies in the web-facing page debugging_center_utils _.php, where the log parameter is not properly validated and is passed to system(), enabling un...
CVE-2016-5674
debuggingcenterutils.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker...
NUUO NVRmini 2 and NetGear ReadyNAS Surveillance Buffer Overflow Vulnerability
NUUO NVRmini 2 is a network video recorder from NUUO. NetGear ReadyNAS Surveillance is a comprehensive IP video surveillance solution from NetGear that integrates video surveillance software, storage, switching and network management. A buffer overflow vulnerability exists in NUUO NVRmini 2 versio...
Information Disclosure Vulnerabilities in Multiple NUUO and NetGear Products
NUUO NVRmini 2 and NVRsolo are network video recorders. NetGear ReadyNAS Surveillance is a comprehensive IP video surveillance solution that integrates video surveillance software, storage, switching, and network management. NUUO Crystal is a Linux-based enterprise VMS Virtual Memory System NUUO...
NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Unauthenticated Remote Code Execution
The NVRmini 2 Network Video Recorder and the ReadyNAS Surveillance application are vulnerable to an unauthenticated remote code execution on the exposed web administration interface. This results in code execution as root in the NVRmini and the 'admin' user in ReadyNAS. This exploit has been test...