122 matches found
EUVD-2016-2103
Malware in sbrugna...
CVE-2016-15038
A vulnerability, which was classified as critical, was found in NUUO NVRmini 2 up to 3.0.8. Affected is an unknown function of the file /deletefile.php. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed ...
The vulnerability in the handle_import_user.php script of the NUUO NVRmini 2 software, which allows a intruder to gain access to read, modify, or delete data.
The vulnerability in the handleimportuser.php script of the NUUO NVRmini 2 network video recorder software relates to the absence of authentication for a critical function. Exploiting this vulnerability can allow an attacker to gain access to read, modify, or delete data...
NUUO NVRmini Devices OS Command Injection Vulnerability
NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command...
NUUO NVRmini2 Devices Missing Authentication Vulnerability
NUUO NVRmini2 devices contain a missing authentication vulnerability that allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users...
NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load And Administrator Password Reset
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load and Administrator Password Reset', 'Description' = %q The NVRmini 2...
CVE-2016-15038
A vulnerability, which was classified as critical, was found in NUUO NVRmini 2 up to 3.0.8. Affected is an unknown function of the file /deletefile.php. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed ...
CVE-2016-15038 NUUO NVRmini 2 deletefile.php path traversal
A vulnerability, which was classified as critical, was found in NUUO NVRmini 2 up to 3.0.8. Affected is an unknown function of the file /deletefile.php. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed ...
CVE-2016-15038 NUUO NVRmini 2 deletefile.php path traversal
A vulnerability, which was classified as critical, was found in NUUO NVRmini 2 up to 3.0.8. Affected is an unknown function of the file /deletefile.php. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed ...
CVE-2016-15038
NUUO NVRmini 2 (up to 3.0.8) has a path traversal vulnerability in an unknown function of /deletefile.php. Manipulating the filename parameter enables traversal, and remote access is possible. The vulnerability is documented with public exploit references in the provided sources; no remediation d...
NUUO NVRmini 路径遍历漏洞
NUUO NVRmini is a standalone Linux-based IP camera surveillance solution from NUUO. A path traversal vulnerability exists in NUUO NVRmini versions 2.x through 3.0.8, which stems from the fact that incorrect manipulation of the parameter filename can lead to path traversal...
VulnCheck KEV: CVE-2016-5680
Stack-based buffer overflow in cgi-bin/cgimain in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn parameter to the transferlicense command...
Vulnerability of the __debugging_center_utils___.php component in NUUO NVRmini and NVRsolo network video recording systems, allowing intruders to execute arbitrary PHP code.
The vulnerability of the debuggingcenterutils.php component in NUUO NVRmini and NVRsolo network video recording systems exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary PHP code...
VulnCheck KEV: CVE-2016-5674
debuggingcenterutils.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter...
NUUO NVRmini 2 <= 03.11.0000.0016 RCE Vulnerability - Active Check
NUUO NVRmini 2 devices are prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
NUUO NVRmini 2 Remote Code Execution
A remote code execution vulnerability exists in NUUO NVRmini 2. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
VulnCheck KEV: CVE-2016-5679
cgi-bin/cgimain in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transferlicense command...
VulnCheck KEV: CVE-2018-14933
NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command...
NUUO NVRMini 2 3.9.1 - sscanf Stack Overflow
NUUO NVRMini 2 3.9.1 - sscanf Stack Overflow !/usr/bin/python Exploit Title: NUUO NVRMini2 3.9.1 'sscanf' stack overflow Google Dork: n/a Date: Advisory Published: Nov 18 Exploit Author: @0x00string Vendor Homepage: nuuo.com Software Link: https://www.nuuo.com/ProductNode.php?node=2 Version: 3.9....
NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NUUO NVRmini upgradehandle.php Remote Command Execution', 'Description' = %q This exploits a vulnerability in the web application of NUUO NVRmini...