Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Nuuo Subscribe
Total 26 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-5679 2 Netgear, Nuuo 2 Readynas Surveillance, Nvrmini 2 2017-09-02 9.0 HIGH 8.8 HIGH
cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transfer_license command.
CVE-2016-5678 1 Nuuo 2 Nvrmini 2, Nvrsolo 2017-09-02 10.0 HIGH 9.8 CRITICAL
NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors.
CVE-2016-5677 2 Netgear, Nuuo 3 Readynas Surveillance, Nvrmini 2, Nvrsolo 2017-09-02 5.0 MEDIUM 7.5 HIGH
NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an __nvr_status___.php request.
CVE-2016-5676 2 Netgear, Nuuo 3 Readynas Surveillance, Nvrmini 2, Nvrsolo 2017-09-02 5.0 MEDIUM 7.5 HIGH
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action.
CVE-2016-5675 2 Netgear, Nuuo 4 Readynas Surveillance, Crystal, Nvrmini 2 and 1 more 2017-09-02 10.0 HIGH 9.8 CRITICAL
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter.
CVE-2016-5674 2 Netgear, Nuuo 3 Readynas Surveillance, Nvrmini 2, Nvrsolo 2017-09-02 10.0 HIGH 9.8 CRITICAL
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter.