Nuuo Nvrmini2 vulnerabilities
3 known vulnerabilities affecting nuuo/nuuo_nvrmini2.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2018-15716HIGHCVSS 8.8ExploitedPoCv3.9.12018-11-30
CVE-2018-15716 [HIGH] CWE-78 CVE-2018-15716: NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can
NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.
nvd
CVE-2018-1149CRITICALCVSS 9.8vAll versions prior to version 3.9.12018-09-19
CVE-2018-1149 [CRITICAL] CWE-119 CVE-2018-1149: cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via
cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests.
nvd
CVE-2018-1150HIGHCVSS 7.3vAll versions prior to version 3.9.12018-09-19
CVE-2018-1150 [HIGH] CVE-2018-1150: NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attac
NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists.
nvd