1 results (0.006 seconds)
CVSS: 10.0EPSS: 44%CPEs: 2EXPL: 2
CVSS: 10.0EPSS: 44%CPEs: 2EXPL: 2CVE-2018-14933 – NUUO NVRmini - upgrade_handle.php Remote Command Execution
https://notcve.org/view.php?id=CVE-2018-14933
upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command. upgrade_handle.php en dispositivos NUUO NVRmini permite la ejecución remota de comandos mediante metacaracteres shell en el parámetro uploaddir de un comando writeuploaddir. • https://www.exploit-db.com/exploits/46340 https://www.exploit-db.com/exploits/45070 https://www.berkdusunur.net/2018/11/development-of-metasploit-module-after.html https://www.tenable.com/security/research/tra-2018-41 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •