1 results (0.025 seconds)

CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 1

A vulnerability, which was classified as critical, was found in NUUO NVRmini 2 up to 3.0.8. Affected is an unknown function of the file /deletefile.php. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.258780 https://vuldb.com/?id.258780 https://www.exploit-db.com/exploits/40214 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •