3 matches found
Nuuo Central Management Server Authenticated Arbitrary File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nuuo Central Management Server Authenticated Arbitrary File Download', 'Description' = %q The Nuuo Central Management Server allows an...
CVE-2018-17934
creationtimestamp| type| source ---|---|--- 2019-02-20 13:16:34+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/nuuocmsfiledownload.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:06+00:00| seen|...
CVE-2018-17934
NUUO CMS CVE-2018-17934 affects all versions up to 3.3, where a pathname constructed from external input can be resolved outside the intended directory (path traversal). This can allow an authenticated attacker to impersonate a user, access restricted information, or execute code. Connected sourc...