Lucene search
K

5 matches found

0day.today
0day.today
added 2018/12/04 12:0 a.m.56 views

NUUO NVRMini2 3.9.1 - Authenticated Command Injection Exploit

Exploit for php platform in category web applications Exploit Title: NUUO NVRMini2 Authenticated Command Injection Exploit Author: Artem Metla Vendor Homepage: https://www.nuuo.com/ProductNode.php?node=2 Version: 3.9.1 Tested on: NUUO NVRMini2 with firmware 3.9.1 CVE : CVE-2018-15716 Advisory:...

0.18498EPSS
Exploits5
exploitpack
exploitpack
added 2018/12/04 12:0 a.m.49 views

NUUO NVRMini2 3.9.1 - (Authenticated) Command Injection

NUUO NVRMini2 3.9.1 - Authenticated Command Injection Exploit Title: NUUO NVRMini2 Authenticated Command Injection Date: December 3, 2018 Exploit Author: Artem Metla Vendor Homepage: https://www.nuuo.com/ProductNode.php?node=2 Version: 3.9.1 Tested on: NUUO NVRMini2 with firmware 3.9.1 CVE :...

9CVSS0.1AI score0.18498EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.58 views

NUUO NVRMini2 3.9.1 - (Authenticated) Command Injection

Exploit Title: NUUO NVRMini2 Authenticated Command Injection Date: December 3, 2018 Exploit Author: Artem Metla Vendor Homepage: https://www.nuuo.com/ProductNode.php?node=2 Version: 3.9.1 Tested on: NUUO NVRMini2 with firmware 3.9.1 CVE : CVE-2018-15716 Advisory:...

9CVSS8.8AI score0.18498EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2018/12/03 12:0 a.m.27 views

NUUO NVRMini2 Authenticated Command Injection

The version of NUUO NVRMini2 installed on the remote host is affected by authenticated remote command injection vulnerability. An attacker can send crafted requests to upgradehandle.php to execute OS commands as root. C Tenable Network Security, Inc. include'compat.inc'; if description...

9CVSS8.3AI score0.18498EPSS
Exploits5References2
CVE
CVE
added 2018/11/30 8:0 p.m.76 views

CVE-2018-15716

NUUO NVRMini2 version 3.9.1 is vulnerable to an authenticated command injection via upgrade_handle.php, allowing OS command execution as root. Exploitation details and PoCs are present in multiple sources (PacketStorm, Exploit-DB; authenticated flow shown). The advisory recommends upgrading to ve...

9CVSS8.9AI score0.18498EPSS
Exploits5References4Affected Software1
Rows per page
Query Builder