EUVD-2016-2103

Malware in sbrugna...

CVE-2016-15038

A vulnerability, which was classified as critical, was found in NUUO NVRmini 2 up to 3.0.8. Affected is an unknown function of the file /deletefile.php. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed ...

NUUO NVRmini2 Devices Missing Authentication Vulnerability

NUUO NVRmini2 devices contain a missing authentication vulnerability that allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users...

NUUO NVRmini Devices OS Command Injection Vulnerability

NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command...

NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load And Administrator Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load and Administrator Password Reset', 'Description' = %q The NVRmini 2...

CVE-2016-15038

A vulnerability, which was classified as critical, was found in NUUO NVRmini 2 up to 3.0.8. Affected is an unknown function of the file /deletefile.php. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed ...

CVE-2016-15038 NUUO NVRmini 2 deletefile.php path traversal

A vulnerability, which was classified as critical, was found in NUUO NVRmini 2 up to 3.0.8. Affected is an unknown function of the file /deletefile.php. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed ...

CVE-2016-15038

NUUO NVRmini 2 (up to 3.0.8) has a path traversal vulnerability in an unknown function of /deletefile.php. Manipulating the filename parameter enables traversal, and remote access is possible. The vulnerability is documented with public exploit references in the provided sources; no remediation d...

CVE-2016-15038 NUUO NVRmini 2 deletefile.php path traversal

A vulnerability, which was classified as critical, was found in NUUO NVRmini 2 up to 3.0.8. Affected is an unknown function of the file /deletefile.php. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed ...

NUUO NVRmini 路径遍历漏洞

NUUO NVRmini is a standalone Linux-based IP camera surveillance solution from NUUO. A path traversal vulnerability exists in NUUO NVRmini versions 2.x through 3.0.8, which stems from the fact that incorrect manipulation of the parameter filename can lead to path traversal...

VulnCheck KEV: CVE-2016-5680

Stack-based buffer overflow in cgi-bin/cgimain in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn parameter to the transferlicense command...

VulnCheck KEV: CVE-2016-5674

debuggingcenterutils.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter...

NUUO NVRmini 2 <= 03.11.0000.0016 RCE Vulnerability - Active Check

NUUO NVRmini 2 devices are prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

NUUO NVRmini 2 Remote Code Execution

A remote code execution vulnerability exists in NUUO NVRmini 2. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

VulnCheck KEV: CVE-2016-5679

cgi-bin/cgimain in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transferlicense command...

VulnCheck KEV: CVE-2018-14933

NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command...

NUUO NVRMini 2 3.9.1 - sscanf Stack Overflow

NUUO NVRMini 2 3.9.1 - sscanf Stack Overflow !/usr/bin/python Exploit Title: NUUO NVRMini2 3.9.1 'sscanf' stack overflow Google Dork: n/a Date: Advisory Published: Nov 18 Exploit Author: @0x00string Vendor Homepage: nuuo.com Software Link: https://www.nuuo.com/ProductNode.php?node=2 Version: 3.9....

NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NUUO NVRmini upgradehandle.php Remote Command Execution', 'Description' = %q This exploits a vulnerability in the web application of NUUO NVRmini...

NUUO NVRmini upgrade_handle.php Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NUUO NVRmini upgradehandle.php Remote Command Execution', 'Description' = %q This exploits a vulnerability in the web application of NUUO NVRmini...

NUUO NVRmini upgrade_handle.php Remote Command Execution Exploit

This Metasploit module exploits a vulnerability in the web application of NUUO NVRmini IP camera, which can be done by triggering the writeuploaddir command in the upgradehandle.php file. This module requires Metasploit: https://metasploit.com/download Current source:...