Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nuuo vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-25521
NUUO v03.11.00 exists to contain access control issue.
Nuuo Network Video Recorder Firmware
10
CVSSv2
CVE-2022-23227
NUUO NVRmini2 up to and including 3.11 allows an unauthenticated malicious user to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is poss...
Nuuo Nvrmini2 Firmware
10
CVSSv2
CVE-2019-9653
NUUO Network Video Recorder Firmware 1.7.x up to and including 3.3.x allows unauthenticated malicious users to execute arbitrary commands via shell metacharacters to handle_load_config.php.
Nuuo Network Video Recorder Firmware
1 Github repository
10
CVSSv2
CVE-2018-19864
NUUO NVRmini2 Network Video Recorder firmware up to and including 3.9.1 allows remote malicious users to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device.
Nuuo Nvrmini2 Firmware
1 EDB exploit
10
CVSSv2
CVE-2018-1149
cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote malicious users to execute arbitrary code via crafted HTTP requests.
Nuuo Nvrmini2 Firmware
10
CVSSv2
CVE-2018-14933
upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.
Nuuo Nvrmini Firmware 2016
1 EDB exploit
10
CVSSv2
CVE-2016-6553
Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses non-random default credentials of: admin:admin and localdisplay:111111. A remote network attacker can gain privileged access to a vulnerable device.
Nuuo Nt-4040 Titan Firmware Nt-4040 01.07.0000.0015 1120
10
CVSSv2
CVE-2016-5674
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 up to and including 3.0.0, NUUO NVRsolo 1.7.5 up to and including 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 up to and including 1.4.1 allows remote malicious users to execute arbitrary PHP code via the log parameter.
Netgear Readynas Surveillance 1.4.2
Netgear Readynas Surveillance 1.4.1
Netgear Readynas Surveillance 1.1.1
Netgear Readynas Surveillance 1.1.2
Netgear Readynas Surveillance 1.3.2.14
Netgear Readynas Surveillance 1.2.0.4
Netgear Readynas Surveillance 1.3.2.4
Netgear Readynas Surveillance 1.4.0
Nuuo Nvrmini 2 3.0.0
Nuuo Nvrmini 2 2.2.1
Nuuo Nvrmini 2 2.0.0
Nuuo Nvrmini 2 1.7.6
Nuuo Nvrmini 2 1.7.5
Nuuo Nvrsolo 2.3.9.6
Nuuo Nvrsolo 2.3.7.10
Nuuo Nvrsolo 2.0.0
Nuuo Nvrsolo 1.75
Nuuo Nvrsolo 3.0.0
Nuuo Nvrsolo 2.1.5
Nuuo Nvrsolo 2.0.1
Nuuo Nvrsolo 2.3.7.9
Nuuo Nvrsolo 2.3.1.20
1 EDB exploit
1 Article
10
CVSSv2
CVE-2016-5675
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 up to and including 3.0.0, NUUO NVRsolo 1.0.0 up to and including 3.0.0, NUUO Crystal 2.2.1 up to and including 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 up to and including 1.4.1 allows remote malicious users to execute arbi...
Netgear Readynas Surveillance 1.4.1
Netgear Readynas Surveillance 1.1.1
Netgear Readynas Surveillance 1.3.2.4
Netgear Readynas Surveillance 1.4.0
Netgear Readynas Surveillance 1.4.2
Netgear Readynas Surveillance 1.1.2
Netgear Readynas Surveillance 1.3.2.14
Netgear Readynas Surveillance 1.2.0.4
Nuuo Crystal 2.2.1
Nuuo Crystal 3.2.0
Nuuo Crystal 3.1.0
Nuuo Crystal 3.0.0
Nuuo Nvrsolo 1.3.0
Nuuo Nvrsolo 1.2.0
Nuuo Nvrsolo 2.3.9.6
Nuuo Nvrsolo 2.3.7.10
Nuuo Nvrsolo 2.0.0
Nuuo Nvrsolo 1.75
Nuuo Nvrsolo 1.0.1
Nuuo Nvrsolo 1.0.0
Nuuo Nvrsolo 3.0.0
Nuuo Nvrsolo 2.1.5
1 EDB exploit
1 Article
10
CVSSv2
CVE-2016-5678
NUUO NVRmini 2 1.0.0 up to and including 3.0.0 and NUUO NVRsolo 1.0.0 up to and including 3.0.0 have hardcoded root credentials, which allows remote malicious users to obtain administrative access via unspecified vectors.
Nuuo Nvrmini 2 1.6.2
Nuuo Nvrmini 2 1.6.1
Nuuo Nvrmini 2 1.1.0
Nuuo Nvrmini 2 1.0.0
Nuuo Nvrmini 2 3.0.0
Nuuo Nvrmini 2 1.7.0
Nuuo Nvrmini 2 1.6.4
Nuuo Nvrmini 2 1.3.2
Nuuo Nvrmini 2 1.3.0
Nuuo Nvrmini 2 1.6.0
Nuuo Nvrmini 2 1.5.2
Nuuo Nvrmini 2 2.2.1
Nuuo Nvrmini 2 2.0.0
Nuuo Nvrmini 2 1.7.2
Nuuo Nvrmini 2 1.7.1
Nuuo Nvrmini 2 1.5.1
Nuuo Nvrmini 2 1.4.0
Nuuo Nvrmini 2 1.7.6
Nuuo Nvrmini 2 1.7.5
Nuuo Nvrsolo 1.2.0
Nuuo Nvrsolo 1.1.2
Nuuo Nvrsolo 2.3.9.6
1 EDB exploit
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »