Nvrmini2 Firmware Security Vulnerabilities and Issues — Nvrmini2 Firmware CVE List

Lucene search

NuuoNvrmini2 Firmware

4 matches found

CVE•added 2018/12/05 11:29 a.m.•87 views

CVE-2018-19864

NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device.

10CVSS9.6AI score0.35526EPSS

CVE•added 2018/11/30 8:29 p.m.•59 views

CVE-2018-15716

NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.

9CVSS8.9AI score0.6076EPSS

CVE•added 2018/09/19 3:29 p.m.•49 views

CVE-2018-1149

cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests.

10CVSS9.7AI score0.16744EPSS

CVE•added 2018/09/19 3:29 p.m.•46 views

CVE-2018-1150

NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists.

7.5CVSS7.6AI score0.00507EPSS