CVE-2016-11056
https://notcve.org/view.php?id=CVE-2016-11056
Certain NETGEAR devices are affected by anonymous root access. This affects ReadyNAS Surveillance 1.1.1-3-armel and earlier and ReadyNAS Surveillance 1.4.1-3-amd64 and earlier. Determinados dispositivos de NETGEAR están afectados por el acceso root anónimo. Esto afecta a ReadyNAS Surveillance versiones 1.1.1-3-armel y anteriores y ReadyNAS Surveillance versiones 1.4.1-3-amd64 y anteriores. • https://kb.netgear.com/30275/ReadyNAS-Surveillance-Security-Vulnerability-Announcement •
CVE-2017-18861
https://notcve.org/view.php?id=CVE-2017-18861
Certain NETGEAR devices are affected by CSRF. This affects ReadyNAS Surveillance 1.4.3-15-x86 and earlier and ReadyNAS Surveillance 1.1.4-5-ARM and earlier. Determinados dispositivos de NETGEAR están afectados por una vulnerabilidad de tipo CSRF. Esto afecta a ReadyNAS Surveillance versiones 1.4.3-15-x86 y anteriores y a ReadyNAS Surveillance versiones 1.1.4-5-ARM y anteriores. • https://kb.netgear.com/000038435/Security-Advisory-for-ReadyNAS-Surveillance-CSRF-Remote-Code-Execution-PSV-2017-0578 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2017-18378
https://notcve.org/view.php?id=CVE-2017-18378
In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $_GET['uploaddir'] is not escaped and is passed to system() through $tmp_upload_dir, leading to upgrade_handle.php?cmd=writeuploaddir remote command execution. En NETGEAR ReadyNAS Surveillance anterior de 1.4.3-17 x86 y anterior de 1.1.4-7 ARM, $ _GET ['uploaddir'] no se escapa y se pasa al sistema () a través de $ tmp_upload_dir, lo que lleva a upgrade_handle.php? Cmd = writeuploaddir Ejecución remota de comandos. • https://kb.netgear.com/000049072/Security-Advisory-for-Command-Injection-in-ReadyNAS-Surveillance-Application-PSV-2017-2653 https://www.exploit-db.com/exploits/42956 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2016-5677 – NUUO NVRmini2 / NVRsolo / Crystal Devices / NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2016-5677
NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an __nvr_status___.php request. NUUO NVRmini 2 1.7.5 hasta la versión 3.0.0, NUUO NVRsolo 1.0.0 hasta la versión 3.0.0 y NETGEAR ReadyNAS Surveillance 1.1.1 hasta la versión 1.4.1 tienen una contraseña codificada qwe23622260 para la cuenta nuuoeng, lo que permite a atacantes remotos obtener información sensible a través de una petición __nvr_status___.php. NUUO NVRmini2 / NVRsolo / Crystal devices and NETGEAR ReadyNAS suffer from multiple security issues that result in remote code execution, backdoor access, buffer overflow, and various other vulnerabilities. • https://www.exploit-db.com/exploits/40200 http://www.kb.cert.org/vuls/id/856152 http://www.securityfocus.com/bid/92318 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-5675 – NUUO NVRmini2 / NVRsolo / Crystal Devices / NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2016-5675
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter. handle_daylightsaving.php en NUUO NVRmini 2 1.7.5 hasta la versión 3.0.0, NUUO NVRsolo 1.0.0 hasta la versión 3.0.0, NUUO Crystal 2.2.1 hasta la versión 3.2.0 y NETGEAR ReadyNAS Surveillance 1.1.1 hasta la versión 1.4.1 permite a atacantes remotos ejecutar código PHP arbitrario a través del parámetro NTPServer. NUUO NVRmini2 / NVRsolo / Crystal devices and NETGEAR ReadyNAS suffer from multiple security issues that result in remote code execution, backdoor access, buffer overflow, and various other vulnerabilities. • https://www.exploit-db.com/exploits/40200 http://www.kb.cert.org/vuls/id/856152 http://www.securityfocus.com/bid/92318 https://raw.githubusercontent.com/pedrib/PoC/master/advisories/NUUO/nuuo-nvr-vulns.txt https://seclists.org/bugtraq/2016/Aug/45 • CWE-20: Improper Input Validation •