NuuoCVEs & Vulnerabilities

26 CVEs affecting Nuuo products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

nvrsolo 81nvrmini 2 48nuuo cms 7nvrmini2 firmware 5crystal 4nvrmini2 3network video recorder firmware 2nvrsolo firmware 2
CVE-2022-23227KEVCRITICALin the wild

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is possible to overwrite arbitrary files under the web root and achieve code execution as root.

18 Dec 2024
9.8
CVSS
CVE-2018-14933KEVCRITICALin the wild

upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.

18 Dec 2024
9.8
CVSS
CVE-2022-33119MEDIUM

NUUO Network Video Recorder NVRsolo v03.06.02 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via login.php.

21 Jun 2022
6.1
CVSS
CVE-2022-25521CRITICAL

NUUO v03.11.00 was discovered to contain access control issue.

29 Mar 2022
9.8
CVSS
CVE-2021-45812MEDIUM

NUUO Network Video Recorder NVRsolo 3.9.1 is affected by a Cross Site Scripting (XSS) vulnerability. An attacker can steal the user's session by injecting malicious JavaScript codes which leads to session hijacking.

28 Dec 2021
6.1
CVSS
CVE-2019-9653CRITICAL

NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to execute arbitrary commands via shell metacharacters to handle_load_config.php.

1 Jun 2019
9.8
CVSS
CVE-2018-19864CRITICALpoc

NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device.

5 Dec 2018
9.8
CVSS
CVE-2018-15716HIGHpoc

NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.

30 Nov 2018
8.8
CVSS
CVE-2018-18982HIGHpoc

NUUO CMS All versions 3.3 and prior the web server application allows injection of arbitrary SQL characters, which can be used to inject SQL into an executing statement and allow arbitrary code execution.

27 Nov 2018
8.8
CVSS
CVE-2018-17936CRITICAL

NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution.

27 Nov 2018
9.8
CVSS
CVE-2018-17934CRITICAL

NUUO CMS All versions 3.3 and prior the application allows external input to construct a pathname that is able to be resolved outside the intended directory. This could allow an attacker to impersonate a legitimate user, obtain restricted information, or execute arbitrary code.

27 Nov 2018
9.8
CVSS
CVE-2018-17894CRITICAL

NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, which could allow an attacker to gain privileged access.

12 Oct 2018
9.8
CVSS
CVE-2018-17892HIGH

NUUO CMS all versions 3.1 and prior, The application implements a method of user account control that causes standard account security features to not be utilized as intended, which could allow user account compromise and may allow for remote code execution.

12 Oct 2018
8.8
CVSS
CVE-2018-17890CRITICAL

NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow arbitrary code execution.

12 Oct 2018
9.8
CVSS
CVE-2018-17888CRITICAL

NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution.

12 Oct 2018
9.8
CVSS
CVE-2018-1150HIGH

NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists.

19 Sep 2018
7.3
CVSS
CVE-2018-1149CRITICAL

cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests.

19 Sep 2018
9.8
CVSS
CVE-2016-6553CRITICAL

Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses non-random default credentials of: admin:admin and localdisplay:111111. A remote network attacker can gain privileged access to a vulnerable device.

13 Jul 2018
9.8
CVSS
CVE-2018-11523CRITICALpoc

upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files.

29 May 2018
9.8
CVSS
CVE-2016-5680HIGHpoc

Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn parameter to the transfer_license command.

31 Aug 2016
8.8
CVSS
CVE-2016-5679HIGHpoc

cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transfer_license command.

31 Aug 2016
8.8
CVSS
CVE-2016-5678CRITICALpoc

NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors.

31 Aug 2016
9.8
CVSS
CVE-2016-5677HIGHpoc

NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an __nvr_status___.php request.

31 Aug 2016
7.5
CVSS
CVE-2016-5676HIGHpoc

cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action.

31 Aug 2016
7.5
CVSS
CVE-2016-5675CRITICALpoc

handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter.

31 Aug 2016
9.8
CVSS
CVE-2016-5674CRITICALpoc

__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter.

31 Aug 2016
9.8
CVSS
← PrevPage 1 / 1Next →