11 matches found
Cross site scripting
NUUO Network Video Recorder NVRsolo v03.06.02 was discovered to contain a reflected cross-site scripting XSS vulnerability via login.php...
Vulnerability of the __debugging_center_utils___.php component in NUUO NVRmini and NVRsolo network video recording systems, allowing intruders to execute arbitrary PHP code.
The vulnerability of the debuggingcenterutils.php component in NUUO NVRmini and NVRsolo network video recording systems exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary PHP code...
NUUO Network Video Recorder 跨站脚本漏洞
NUUO Network Video Recorder NVR is a network video recorder from NUUO, Taiwan, China. A cross-site scripting vulnerability exists in NUUO Network Video Recorder NVRsolo version 3.9.1, which stems from the lack of effective filtering and escaping of user-submitted request parameters, and can be...
CVE-2016-5678
NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors...
CVE-2016-5677
NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an nvrstatus.php request...
CVE-2016-5676
cgi-bin/cgisystem in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action...
CVE-2016-5674
debuggingcenterutils.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter...
Code injection
debuggingcenterutils.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter...
CVE-2016-5674
CVE-2016-5674 affects NUUO NVRmini 2 (versions 1.7.5–3.0.0), NVRsolo (1.7.5–3.0.0), and NETGEAR ReadyNAS Surveillance (1.1.1–1.4.1). The vulnerability lies in the web-facing page debugging_center_utils _.php, where the log parameter is not properly validated and is passed to system(), enabling un...
CVE-2016-5674
debuggingcenterutils .php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker...
Information Disclosure Vulnerabilities in Multiple NUUO and NetGear Products
NUUO NVRmini 2 and NVRsolo are network video recorders.NetGear ReadyNAS Surveillance is a comprehensive IP video surveillance solution that integrates video surveillance software, storage, switching, and network management.NUUO Crystal is a Linux-based enterprise VMS Virtual Memory System NUUO...