IDCVSSSummaryLast (major) updatePublished
CVE-2018-11523 7.5
upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files.
29-05-2018 - 03:29 29-05-2018 - 03:29
CVE-2016-5680 9.0
Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn parameter to the transfer_license command.
28-11-2016 - 15:28 31-08-2016 - 11:59
CVE-2016-5679 9.0
cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transfer_license command.
28-11-2016 - 15:28 31-08-2016 - 11:59
CVE-2016-5678 10.0
NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors.
28-11-2016 - 15:28 31-08-2016 - 11:59
CVE-2016-5677 5.0
NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information v
28-11-2016 - 15:28 31-08-2016 - 11:59
CVE-2016-5676 5.0
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action.
28-11-2016 - 15:28 31-08-2016 - 11:59
CVE-2016-5675 10.0
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the N
28-11-2016 - 15:28 31-08-2016 - 11:59
CVE-2016-5674 10.0
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter.
28-11-2016 - 15:28 31-08-2016 - 11:59
Back to Top Mark selected
Back to Top