NUUO Camera <=20250203 - OS Command Injection

NUUO Camera up to 20250203 contains a command injection caused by manipulation of the 'log' argument in /handleconfig.php, letting remote attackers execute arbitrary commands, exploit requires remote access. id: CVE-2025-1338 info: name: NUUO Camera =20250203 - OS Command Injection author: Ark...

NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting

NUUO NVRsolo Video Recorder 03.06.02 contains a reflected cross-site scripting vulnerability via login.php. id: CVE-2022-33119 info: name: NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting author: arafatansari severity: medium description: | NUUO NVRsolo Video Recorder 03.06.02 contains...

NUUO NVRmini - Remote Command Execution

NUUO NVRmini is vulnerable to unauthenticated remote command execution through the upgradehandle.php file. The vulnerability allows an attacker to execute arbitrary commands by manipulating the uploaddir parameter. id: CVE-2018-14933 info: name: NUUO NVRmini - Remote Command Execution author:...

NUUO NVR camera `debugging_center_utils_.php` - Command Execution

debuggingcenterutils.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter. id: CVE-2016-5674 info: name: NUUO NVR camera debuggingcenterutils.p...

VulnCheck KEV: CVE-2025-1338

A vulnerability was found in NUUO Camera up to 20250203. It has been declared as critical. This vulnerability affects the function printfile of the file /handleconfig.php. The manipulation of the argument log leads to command injection. The attack can be initiated remotely. The exploit has been...

CVE-2022-23227

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handleimportuser.php authentication. When combined with another flaw CVE-2011-5325, it is possible to overwrite arbitrary files under...

CVE-2024-2995

A vulnerability was found in NUUO Camera up to 20240319 and classified as problematic. This issue affects some unknown processing of the file /deletefile.php. The manipulation of the argument filename leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed...

EUVD-2016-7474

Malware in sbrugna...

EUVD-2018-9633

Malware in sbrugna...

EUVD-2018-9631

Malware in sbrugna...

EUVD-2018-9635

Malware in sbrugna...

EUVD-2016-2103

Malware in sbrugna...

Exploit for CVE-2025-1338

CVE-2025-1338 This repository contains a proof-of-concept exp...

EUVD-2024-27935

Malicious code in bioql PyPI...

EUVD-2021-32530

Malicious code in bioql PyPI...

EUVD-2025-2109

Malicious code in bioql PyPI...

EUVD-2022-30184

Malicious code in bioql PyPI...

NUUO NVRmini2 <= 3.11.x Unrestricted Upload RCE

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handleimportuser.php authentication. When combined with another flaw CVE-2011-5325, it is possible to overwrite arbitrary files under...

CVE-2022-25521

NUUO v03.11.00 was discovered to contain access control issue...

CVE-2022-33119

NUUO Network Video Recorder NVRsolo v03.06.02 was discovered to contain a reflected cross-site scripting XSS vulnerability via login.php...