Published: 05/12/2018 Updated: 04/06/2019

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

NUUO NVRmini2 Network Video Recorder firmware up to and including 3.9.1 allows remote malicious users to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nuuo nvrmini2 firmware

#!/usr/bin/python # Exploit Title: NUUO NVRMini2 391 'sscanf' stack overflow # Google Dork: n/a # Date: Advisory Published: Nov 18 # Exploit Author: @0x00string # Vendor Homepage: nuuocom # Software Link: wwwnuuocom/ProductNodephp?node=2 # Version: 391 and prior # Tested on: 391 # CVE : CVE-2018-19864 # # [ leading / ] # [ Pad ...

NUUO NVRMini 2 version 391 suffers from an sscanf stack overflow vulnerability ...

CWE-119 CWE-20 https://www.nuuo.com/DownloadMainpage.php https://www.digitaldefense.com/blog/zero-day-alerts/nuuo-firmware-disclosure/http://packetstormsecurity.com/files/153162/NUUO-NVRMini-2-3.9.1-Stack-Overflow.html https://nvd.nist.gov https://www.exploit-db.com/exploits/46960

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-19864

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect