Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NVD
NVDadded 2019/06/11 9:29 p.m.10 views

CVE-2017-18378

In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $GET'uploaddir' is not escaped and is passed to system through $tmpuploaddir, leading to upgradehandle.php?cmd=writeuploaddir remote command execution...

9.8CVSS9.2AI score0.1554EPSS
Exploits1References2
Metasploit
Metasploitadded 2018/12/06 2:51 a.m.18 views

NUUO NVRmini upgrade_handle.php Remote Command Execution

This exploits a vulnerability in the web application of NUUO NVRmini IP camera, which can be done by triggering the writeuploaddir command in the upgradehandle.php file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

9.8CVSS0.3AI score0.93874EPSS
Exploits5
NVD
NVDadded 2018/11/30 8:29 p.m.6 views

CVE-2018-15716

NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgradehandle.php to execute OS commands as root...

9CVSS9AI score0.43832EPSS
Exploits5References4
OSV
OSVadded 2018/11/30 8:29 p.m.1 views

CVE-2018-15716

NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgradehandle.php to execute OS commands as root...

8.8CVSS5.9AI score0.43832EPSS
Exploits5References4
Prion
Prionadded 2018/11/30 8:29 p.m.9 views

Command injection

NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgradehandle.php to execute OS commands as root...

9CVSS9AI score0.43832EPSS
Exploits5References4Affected Software1
Cvelist
Cvelistadded 2018/11/30 8:0 p.m.12 views

CVE-2018-15716

NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgradehandle.php to execute OS commands as root...

9.1AI score0.43832EPSS
Exploits5References4
CVE
CVEadded 2018/08/04 7:0 p.m.220 views

CVE-2018-14933

CVE-2018-14933 (NUOO NVRmini) : The vulnerability affects NUUO NVRmini devices via the upgrade_handle.php file. An attacker can inject shell metacharacters in the uploaddir parameter of a writeuploaddir command, leading to unauthenticated remote command execution. This corresponds to a remote cod...

10CVSS9.6AI score0.93874EPSS
In wildExploits5References3Affected Software1
Cvelist
Cvelistadded 2018/08/04 7:0 p.m.12 views

CVE-2018-14933

upgradehandle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command...

9.8AI score0.93874EPSS
Exploits5References2
Exploit DB
Exploit DBadded 2018/07/23 12:0 a.m.22 views

NUUO NVRmini - 'upgrade_handle.php' Remote Command Execution

Exploit Title: NUUO NVR Unauthenticated Remote Code Execution Exploit Author: Berk Dusunur Google Dork: N/A Date: 2018-07-21 Vendor Homepage: http://www.nuuo.com/ Software Link: http://www.nuuo.com/ Affected Version: v2016 Tested on: Parrot OS CVE : N/A Proof Of Concept GET...

7.4AI score
Exploits0
Rows per page
Query Builder