Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

VulnCheck KEV
VulnCheck KEVadded 2024/12/18 12:0 a.m.1 views

VulnCheck KEV: CVE-2022-23227

NUUO NVRmini2 devices contain a missing authentication vulnerability that allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users...

10CVSS7.4AI score0.49431EPSS
Exploits3References1
CISA KEV Catalog
CISA KEV Catalogadded 2024/12/18 12:0 a.m.24 views

NUUO NVRmini2 Devices Missing Authentication Vulnerability

NUUO NVRmini2 devices contain a missing authentication vulnerability that allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users...

10CVSS9.7AI score0.49431EPSS
In wildExploits3
OSV
OSVadded 2022/01/14 6:15 p.m.2 views

CVE-2022-23227

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handleimportuser.php authentication. When combined with another flaw CVE-2011-5325, it is possible to overwrite arbitrary files under...

9.8CVSS7.5AI score0.49431EPSS
Exploits3References5
NVD
NVDadded 2022/01/14 6:15 p.m.26 views

CVE-2022-23227

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handleimportuser.php authentication. When combined with another flaw CVE-2011-5325, it is possible to overwrite arbitrary files under...

10CVSS0.49431EPSS
Exploits3References5
Prion
Prionadded 2022/01/14 6:15 p.m.30 views

Design/Logic Flaw

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handleimportuser.php authentication. When combined with another flaw CVE-2011-5325, it is possible to overwrite arbitrary files under...

10CVSS8.9AI score0.49431EPSS
Exploits4References4Affected Software1
Cvelist
Cvelistadded 2022/01/14 5:13 p.m.56 views

CVE-2022-23227

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handleimportuser.php authentication. When combined with another flaw CVE-2011-5325, it is possible to overwrite arbitrary files under...

9.1AI score0.49431EPSS
Exploits3References4
seebug.org
seebug.orgadded 2017/11/08 12:0 a.m.34 views

Circle with Disney check_circleservers Code Execution Vulnerability(CVE-2017-2882)

Summary An exploitable vulnerability exists in the servers update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to overwrite sensitive files, resulting in code execution. An attacker needs to impersonate a remote server in order...

8.6AI score0.02024EPSS
Exploits2
Rows per page
Query Builder