Lucene search
+L

122 matches found

zdt
zdt
added 2019/02/07 12:0 a.m.63 views

NUUO NVRmini upgrade_handle.php Remote Command Execution Exploit

This Metasploit module exploits a vulnerability in the web application of NUUO NVRmini IP camera, which can be done by triggering the writeuploaddir command in the upgradehandle.php file. This module requires Metasploit: https://metasploit.com/download Current source:...

10CVSS0.2AI score0.93746EPSS
Exploits5
packetstorm
packetstorm
added 2019/02/07 12:0 a.m.262 views

NUUO NVRmini upgrade_handle.php Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NUUO NVRmini upgradehandle.php Remote Command Execution', 'Description' = %q This exploits a vulnerability in the web application of NUUO NVRmini...

10CVSS0.1AI score0.93746EPSS
Exploits5
saint
saint
added 2018/12/11 12:0 a.m.39 views

NUUO NVR Unauthenticated Remote Code Execution

Added: 12/11/2018 Background NUUO is a surveillance solution provider. Problem The upgradehandle.php on NUUO NVRsolo, NVRsolo Plus, and NVRmini 2 devices allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command. Resolution Upgrade to the...

3.1AI score
Exploits0
saint
saint
added 2018/12/11 12:0 a.m.44 views

NUUO NVR Unauthenticated Remote Code Execution

Added: 12/11/2018 Background NUUO is a surveillance solution provider. Problem The upgradehandle.php on NUUO NVRsolo, NVRsolo Plus, and NVRmini 2 devices allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command. Resolution Upgrade to the...

7.8AI score
Exploits0
metasploit
metasploit
added 2018/12/06 2:51 a.m.64 views

NUUO NVRmini upgrade_handle.php Remote Command Execution

This exploits a vulnerability in the web application of NUUO NVRmini IP camera, which can be done by triggering the writeuploaddir command in the upgradehandle.php file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

9.8CVSS0.3AI score0.93746EPSS
Exploits5
openvas
openvas
added 2018/12/06 12:0 a.m.44 views

NUUO NVRmini 2 < 3.10.0 Remote Stack Overflow Vulnerability

NUUO NVRmini 2 devices are prone to an unauthenticated remote stack overflow vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

10CVSS9.8AI score0.24808EPSS
Exploits4References1
cnvd
cnvd
added 2018/09/19 12:0 a.m.30 views

NUUO NVRMini2 Remote Code Execution Vulnerability

NUUO is one of the surveillance solution providers and NUUO NVRMini 2 is the NVR solution with NAS functionality. A remote code execution vulnerability exists in NUUO NVRMini 2. Due to a flaw in program logic, a stack overflow was caused by processing a GET request from /cgi-bin/cgisystem without...

10CVSS9.9AI score0.15226EPSS
Exploits1References1
cnvd
cnvd
added 2018/09/19 12:0 a.m.37 views

Backdoor Vulnerability in NUUO NVRMini2

NUUO is one of the surveillance solution providers and NUUO NVRMini 2 is the NVR solution with NAS functionality. A backdoor vulnerability exists in NUUO NVRMini 2. When a specific file /tmp/moses/ exists in the file system of the target device, the backdoor will be opened, and any unauthorized...

7.5CVSS7.5AI score0.0188EPSS
Exploits1References1
nvd
nvd
added 2018/08/04 7:29 p.m.17 views

CVE-2018-14933

upgradehandle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command...

10CVSS9.7AI score0.93746EPSS
Exploits5References3
prion
prion
added 2018/08/04 7:29 p.m.16 views

Command injection

upgradehandle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command...

10CVSS9.6AI score0.93746EPSS
Exploits5References2Affected Software1
osv
osv
added 2018/08/04 7:29 p.m.4 views

CVE-2018-14933

upgradehandle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command...

9.8CVSS5.8AI score0.93746EPSS
Exploits5References3
vulnrichment
vulnrichment
added 2018/08/04 7:0 p.m.15 views

CVE-2018-14933

upgradehandle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command...

7.6AI score0.93746EPSS
Exploits5References2
cvelist
cvelist
added 2018/08/04 7:0 p.m.29 views

CVE-2018-14933

upgradehandle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command...

9.8AI score0.93746EPSS
Exploits5References2
cve
cve
added 2018/08/04 7:0 p.m.234 views

CVE-2018-14933

CVE-2018-14933 (NUOO NVRmini) : The vulnerability affects NUUO NVRmini devices via the upgrade_handle.php file. An attacker can inject shell metacharacters in the uploaddir parameter of a writeuploaddir command, leading to unauthenticated remote command execution. This corresponds to a remote cod...

10CVSS9.6AI score0.93746EPSS
In wildExploits5References3Affected Software1
ptsecurity
ptsecurity
added 2018/08/04 12:0 a.m.4 views

PT-2018-12808 · Nuuo · Nuuo Nvrmini

Name of the Vulnerable Software and Affected Versions: NUUO NVRmini devices affected versions not specified Description: The issue allows for remote command execution via shell metacharacters in the uploaddir parameter for a "writeuploaddir" command in the "upgrade handle.php" file on NUUO NVRmin...

10CVSS7.1AI score0.93746EPSS
Exploits5References9
attackerkb
attackerkb
added 2018/08/04 12:0 a.m.11 views

CVE-2018-14933

upgradehandle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

10CVSS7.3AI score0.93746EPSS
In wildExploits5References5
zdt
zdt
added 2018/07/24 12:0 a.m.44 views

NUUO NVRmini - upgrade_handle.php Remote Command Execution Vulnerability

Exploit for hardware platform in category web applications Exploit Title: NUUO NVR Unauthenticated Remote Code Execution Exploit Author: Berk Dusunur Vendor Homepage: http://www.nuuo.com/ Software Link: http://www.nuuo.com/ Affected Version: v2016 Tested on: Parrot OS CVE : N/A Proof Of Concept G...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/07/23 12:0 a.m.16 views

NUUO NVRmini - upgrade_handle.php Remote Command Execution

NUUO NVRmini - upgradehandle.php Remote Command Execution Exploit Title: NUUO NVR Unauthenticated Remote Code Execution Exploit Author: Berk Dusunur Google Dork: N/A Date: 2018-07-21 Vendor Homepage: http://www.nuuo.com/ Software Link: http://www.nuuo.com/ Affected Version: v2016 Tested on: Parro...

0.2AI score
Exploits0
exploitdb
exploitdb
added 2018/07/23 12:0 a.m.24 views

NUUO NVRmini - &#039;upgrade_handle.php&#039; Remote Command Execution

Exploit Title: NUUO NVR Unauthenticated Remote Code Execution Exploit Author: Berk Dusunur Google Dork: N/A Date: 2018-07-21 Vendor Homepage: http://www.nuuo.com/ Software Link: http://www.nuuo.com/ Affected Version: v2016 Tested on: Parrot OS CVE : N/A Proof Of Concept GET...

7.4AI score
Exploits0
openvas
openvas
added 2018/05/30 12:0 a.m.35 views

NUUO NVRmini 2 < 3.9.1 File Upload Vulnerability - Active Check

NUUO NVRmini 2 devices are prone to a file upload vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nuuo:nuuo";...

9.8CVSS9.6AI score0.09926EPSS
Exploits5References2
Rows per page
Query Builder