Nvrsolo Security Vulnerabilities and Issues — Nvrsolo CVE List

Lucene search

NuuoNvrsolo

5 matches found

CVE•added 2016/08/31 3:59 p.m.•158 views

CVE-2016-5674

debugging_center_utils _.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter.

10CVSS8.3AI score0.89376EPSS

CVE•added 2016/08/31 3:59 p.m.•69 views

CVE-2016-5675

handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter.

10CVSS8.3AI score0.75746EPSS

CVE•added 2016/08/31 3:59 p.m.•52 views

CVE-2016-5676

cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action.

7.5CVSS7.7AI score0.75563EPSS

CVE•added 2016/08/31 3:59 p.m.•52 views

CVE-2016-5677

NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an nvr_status _.php request.

7.5CVSS7.7AI score0.19234EPSS

CVE•added 2016/08/31 3:59 p.m.•50 views

CVE-2016-5678

NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors.

10CVSS7.7AI score0.19699EPSS