Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2026/01/09 10:54 a.m.8 views

CVE-2022-23227

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handleimportuser.php authentication. When combined with another flaw CVE-2011-5325, it is possible to overwrite arbitrary files under...

10CVSS7.5AI score0.49431EPSS
Exploits4References1
circl
circl
added 2024/12/18 4:16 p.m.8 views

CVE-2022-23227

creationtimestamp| type| source ---|---|--- 2024-12-18 16:16:48+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113674722220637919 2024-12-18 17:55:14+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/2928815 2024-12-18 21:10:03+00:00| seen|...

10CVSS7.3AI score0.49431EPSS
Exploits1References5
openvas
openvas
added 2022/01/18 12:0 a.m.33 views

NUUO NVRmini 2 <= 03.11.0000.0016 RCE Vulnerability - Active Check

NUUO NVRmini 2 devices are prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS8.9AI score0.49431EPSS
Exploits4References3
vulnrichment
vulnrichment
added 2022/01/14 5:13 p.m.31 views

CVE-2022-23227

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handleimportuser.php authentication. When combined with another flaw CVE-2011-5325, it is possible to overwrite arbitrary files under...

7.5AI score0.49431EPSS
Exploits1References4
cve
cve
added 2022/01/14 5:13 p.m.277 views

CVE-2022-23227

NUUO NVRmini2 devices (up to v3.11) are affected by a Missing Authentication vulnerability that allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users due to handle_import_user.php not requiring authentication. When paired with CVE-2011-5...

10CVSS8.2AI score0.49431EPSS
In wildExploits1References5Affected Software1
attackerkb
attackerkb
added 2022/01/14 12:0 a.m.99 views

CVE-2022-23227

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handleimportuser.php authentication. When combined with another flaw CVE-2011-5325, it is possible to overwrite arbitrary files under...

10CVSS7.5AI score0.49431EPSS
In wildExploits4References5
Rows per page
Query Builder