Vendor
Nuuo
Products
3
CVEs
5
Across products
20
Status
Private
Products
3- 11 CVEs
- 5 CVEs
- 4 CVEs
Recent CVEs
5| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-5674 | Cri | 0.74 | 9.8 | 0.89 | Aug 31, 2016 | __debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter. | |
| CVE-2018-17888 | 0.06 | — | 0.41 | Oct 12, 2018 | NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution. | ||
| CVE-2018-17890 | 0.00 | — | 0.01 | Oct 12, 2018 | NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow arbitrary code execution. | ||
| CVE-2018-17892 | 0.00 | — | 0.04 | Oct 12, 2018 | NUUO CMS all versions 3.1 and prior, The application implements a method of user account control that causes standard account security features to not be utilized as intended, which could allow user account compromise and may allow for remote code execution. | ||
| CVE-2018-17894 | 0.00 | — | 0.01 | Oct 12, 2018 | NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, which could allow an attacker to gain privileged access. |