Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9
CVSSv2

CVE-2018-15716

Published: 30/11/2018 Updated: 09/10/2019
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Subscribe to Nvrmini2 Firmware

Vulnerability Summary

NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

nuuo nvrmini2_firmware 3.9.1

Vendor Advisories

Check Point Security Alerts: NUUO NVRMini Command Injection (CVE-2018-14933; CVE-2018-15716)
Check Point Reference: CPAI-2018-2636 Date Published: 4 Dec 2023 Severity: Critical ...

Exploits

Exploit DB: NUUO NVRMini2 3.9.1 Command Injection
NUUO NVRMini2 version 391 suffers from an authenticated command injection vulnerability ...

References

CWE-78https://www.tenable.com/security/research/tra-2018-41https://github.com/tenable/poc/tree/master/nuuo/nvrmini2/cve_2018_15716http://www.securityfocus.com/bid/106059https://www.exploit-db.com/exploits/45948/https://nvd.nist.govhttps://packetstormsecurity.com/files/150624/NUUO-NVRMini2-3.9.1-Command-Injection.htmlhttps://advisories.checkpoint.com/defense/advisories/public/2023/cpai-2018-2636.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120CVE-2024-35921CVE-2024-35874brute forceCVE-2024-36080unprivilegedCVE-2024-35917IDORCVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook