RSS   Vulnerabilities for 'Nvrmini2 firmware'   RSS

2018-12-05
 
CVE-2018-19864

CWE-20
 

 
NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device.

 
2018-11-30
 
CVE-2018-15716

CWE-78
 

 
NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.

 
2018-09-19
 
CVE-2018-1150

CWE-254
 

 
NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists.

 
 
CVE-2018-1149

CWE-119
 

 
cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests.

 

 >>> Vendor: NUUO 8 Products
Nvrmini 2
Nvrsolo
Crystal
Nvrmini 2 firmware
Nt-4040 titan firmware
Nvrmini firmware
Nuuo cms
Nvrmini2 firmware


Copyright 2019, cxsecurity.com

 

Back to Top