Vulnerabilites related to nuuo - nvrmini2
cve-2022-23227
Vulnerability from cvelistv5
Published
2022-01-14 17:13
Modified
2025-02-10 18:31
Severity ?
EPSS score ?
Summary
NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is possible to overwrite arbitrary files under the web root and achieve code execution as root.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pedrib/PoC/blob/master/advisories/NUUO/nuuo_nvrmini_round2.mkd"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/16044"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/researcher-discloses-alleged-zero-day-vulnerabilities-in-nuuo-nvrmini2-recording-device"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=29936569"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-23227",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-21T04:56:14.705418Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-12-18",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-23227"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T18:31:56.353Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is possible to overwrite arbitrary files under the web root and achieve code execution as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T17:13:57.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pedrib/PoC/blob/master/advisories/NUUO/nuuo_nvrmini_round2.mkd"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/16044"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/researcher-discloses-alleged-zero-day-vulnerabilities-in-nuuo-nvrmini2-recording-device"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://news.ycombinator.com/item?id=29936569"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-23227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is possible to overwrite arbitrary files under the web root and achieve code execution as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/pedrib/PoC/blob/master/advisories/NUUO/nuuo_nvrmini_round2.mkd",
"refsource": "MISC",
"url": "https://github.com/pedrib/PoC/blob/master/advisories/NUUO/nuuo_nvrmini_round2.mkd"
},
{
"name": "https://github.com/rapid7/metasploit-framework/pull/16044",
"refsource": "MISC",
"url": "https://github.com/rapid7/metasploit-framework/pull/16044"
},
{
"name": "https://portswigger.net/daily-swig/researcher-discloses-alleged-zero-day-vulnerabilities-in-nuuo-nvrmini2-recording-device",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/researcher-discloses-alleged-zero-day-vulnerabilities-in-nuuo-nvrmini2-recording-device"
},
{
"name": "https://news.ycombinator.com/item?id=29936569",
"refsource": "MISC",
"url": "https://news.ycombinator.com/item?id=29936569"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23227",
"datePublished": "2022-01-14T17:13:57.000Z",
"dateReserved": "2022-01-14T00:00:00.000Z",
"dateUpdated": "2025-02-10T18:31:56.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1149
Vulnerability from cvelistv5
Published
2018-09-19 15:00
Modified
2024-09-16 20:42
Severity ?
EPSS score ?
Summary
cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf | x_refsource_CONFIRM | |
| https://github.com/tenable/poc/tree/master/nuuo/nvrmini2 | x_refsource_CONFIRM | |
| https://www.tenable.com/security/research/tra-2018-25 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/105720 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NUUO | NUUO NVRMini2 |
Version: All versions prior to version 3.9.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:51:48.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tenable/poc/tree/master/nuuo/nvrmini2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2018-25"
},
{
"name": "105720",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105720"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NUUO NVRMini2",
"vendor": "NUUO",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 3.9.1"
}
]
}
],
"datePublic": "2018-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "cgi_system in NUUO\u0027s NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stack buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-25T09:57:01",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tenable/poc/tree/master/nuuo/nvrmini2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2018-25"
},
{
"name": "105720",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105720"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"DATE_PUBLIC": "2018-09-17T00:00:00",
"ID": "CVE-2018-1149",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NUUO NVRMini2",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 3.9.1"
}
]
}
}
]
},
"vendor_name": "NUUO"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cgi_system in NUUO\u0027s NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf",
"refsource": "CONFIRM",
"url": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf"
},
{
"name": "https://github.com/tenable/poc/tree/master/nuuo/nvrmini2",
"refsource": "CONFIRM",
"url": "https://github.com/tenable/poc/tree/master/nuuo/nvrmini2"
},
{
"name": "https://www.tenable.com/security/research/tra-2018-25",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2018-25"
},
{
"name": "105720",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105720"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2018-1149",
"datePublished": "2018-09-19T15:00:00Z",
"dateReserved": "2017-12-05T00:00:00",
"dateUpdated": "2024-09-16T20:42:10.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1150
Vulnerability from cvelistv5
Published
2018-09-19 15:00
Modified
2024-09-17 04:08
Severity ?
EPSS score ?
Summary
NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf | x_refsource_CONFIRM | |
| https://www.tenable.com/security/research/tra-2018-25 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/105720 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NUUO | NUUO NVRMini2 |
Version: All versions prior to version 3.9.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:51:48.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2018-25"
},
{
"name": "105720",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105720"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NUUO NVRMini2",
"vendor": "NUUO",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 3.9.1"
}
]
}
],
"datePublic": "2018-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NUUO\u0027s NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Backdoor",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-25T09:57:01",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2018-25"
},
{
"name": "105720",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105720"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"DATE_PUBLIC": "2018-09-17T00:00:00",
"ID": "CVE-2018-1150",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NUUO NVRMini2",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 3.9.1"
}
]
}
}
]
},
"vendor_name": "NUUO"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NUUO\u0027s NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Backdoor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf",
"refsource": "CONFIRM",
"url": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf"
},
{
"name": "https://www.tenable.com/security/research/tra-2018-25",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2018-25"
},
{
"name": "105720",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105720"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2018-1150",
"datePublished": "2018-09-19T15:00:00Z",
"dateReserved": "2017-12-05T00:00:00",
"dateUpdated": "2024-09-17T04:08:55.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201811-0051
Vulnerability from variot
NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root. NUUO NVRMini2 Is OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NUUO NVRmini Products are prone to an remote command-injection vulnerability. An attacker may exploit this issue to inject and execute arbitrary commands within the context of the affected application; this may aid in further attacks. NOTE: This issue is the result of an incomplete fix for the issue described in BID 106058 (NUUO NVRmini Products CVE-2018-14933 Remote Command Injection Vulnerability). NUUO NVRMini2 is a small network DVR device from NUUO
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0051",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nvrmini2",
"scope": "eq",
"trust": 1.6,
"vendor": "nuuo",
"version": "3.9.1"
},
{
"model": "nvrmini 2",
"scope": "eq",
"trust": 0.8,
"vendor": "nuuo",
"version": "3.9.1"
},
{
"model": "nvrsolo plus",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "3.10"
},
{
"model": "nvrsolo",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "3.10"
},
{
"model": "nvrmini",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "23.10"
}
],
"sources": [
{
"db": "BID",
"id": "106059"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012507"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-004"
},
{
"db": "NVD",
"id": "CVE-2018-15716"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:nuuo:nvrmini_2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012507"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tenable",
"sources": [
{
"db": "BID",
"id": "106059"
}
],
"trust": 0.3
},
"cve": "CVE-2018-15716",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2018-15716",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-126003",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-15716",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-15716",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-15716",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-004",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-126003",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-15716",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126003"
},
{
"db": "VULMON",
"id": "CVE-2018-15716"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012507"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-004"
},
{
"db": "NVD",
"id": "CVE-2018-15716"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root. NUUO NVRMini2 Is OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NUUO NVRmini Products are prone to an remote command-injection vulnerability. \nAn attacker may exploit this issue to inject and execute arbitrary commands within the context of the affected application; this may aid in further attacks. \nNOTE: This issue is the result of an incomplete fix for the issue described in BID 106058 (NUUO NVRmini Products CVE-2018-14933 Remote Command Injection Vulnerability). NUUO NVRMini2 is a small network DVR device from NUUO",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-15716"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012507"
},
{
"db": "BID",
"id": "106059"
},
{
"db": "VULHUB",
"id": "VHN-126003"
},
{
"db": "VULMON",
"id": "CVE-2018-15716"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-126003",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126003"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TENABLE",
"id": "TRA-2018-41",
"trust": 2.9
},
{
"db": "NVD",
"id": "CVE-2018-15716",
"trust": 2.9
},
{
"db": "BID",
"id": "106059",
"trust": 2.1
},
{
"db": "EXPLOIT-DB",
"id": "45948",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012507",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-004",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "150624",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-97703",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-126003",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-15716",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126003"
},
{
"db": "VULMON",
"id": "CVE-2018-15716"
},
{
"db": "BID",
"id": "106059"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012507"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-004"
},
{
"db": "NVD",
"id": "CVE-2018-15716"
}
]
},
"id": "VAR-201811-0051",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-126003"
}
],
"trust": 0.698015885
},
"last_update_date": "2024-11-23T22:48:32.714000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.nuuo.com/"
},
{
"title": "NUUO NVRMini2 Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87340"
},
{
"title": "Check Point Security Alerts: NUUO NVRMini Command Injection (CVE-2018-14933; CVE-2018-15716)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=check_point_security_alerts\u0026qid=2b0f048b5c4fc953f301d53a3560d6aa"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-15716"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012507"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-004"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126003"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012507"
},
{
"db": "NVD",
"id": "CVE-2018-15716"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://www.tenable.com/security/research/tra-2018-41"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/106059"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/45948/"
},
{
"trust": 1.8,
"url": "https://github.com/tenable/poc/tree/master/nuuo/nvrmini2/cve_2018_15716"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15716"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15716"
},
{
"trust": 0.3,
"url": "https://www.nuuo.com"
},
{
"trust": 0.3,
"url": "https://github.com/tenable/poc/tree/master/nuuo/nvrmini2/cve_2018_1149"
},
{
"trust": 0.3,
"url": "https://github.com/tenable/poc/blob/master/nuuo/nvrmini2/cve_2018_15716/poc_nuuo_upgrade_handle.py"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/150624/nuuo-nvrmini2-3.9.1-command-injection.html"
},
{
"trust": 0.1,
"url": "https://advisories.checkpoint.com/defense/advisories/public/2023/cpai-2018-2636.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126003"
},
{
"db": "VULMON",
"id": "CVE-2018-15716"
},
{
"db": "BID",
"id": "106059"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012507"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-004"
},
{
"db": "NVD",
"id": "CVE-2018-15716"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-126003"
},
{
"db": "VULMON",
"id": "CVE-2018-15716"
},
{
"db": "BID",
"id": "106059"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012507"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-004"
},
{
"db": "NVD",
"id": "CVE-2018-15716"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-30T00:00:00",
"db": "VULHUB",
"id": "VHN-126003"
},
{
"date": "2018-11-30T00:00:00",
"db": "VULMON",
"id": "CVE-2018-15716"
},
{
"date": "2018-11-30T00:00:00",
"db": "BID",
"id": "106059"
},
{
"date": "2019-02-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012507"
},
{
"date": "2018-12-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-004"
},
{
"date": "2018-11-30T20:29:00.270000",
"db": "NVD",
"id": "CVE-2018-15716"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-126003"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-15716"
},
{
"date": "2018-11-30T00:00:00",
"db": "BID",
"id": "106059"
},
{
"date": "2019-02-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012507"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-004"
},
{
"date": "2024-11-21T03:51:19.900000",
"db": "NVD",
"id": "CVE-2018-15716"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-004"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NUUO NVRMini2 In OS Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012507"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-004"
}
],
"trust": 0.6
}
}
var-201812-1058
Vulnerability from variot
NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device. NUUO NVRmini2 Network Video Recorder The firmware contains a buffer error vulnerability and an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NUUO NVRMini2 is a small network DVR device from NUUO. There is a security vulnerability in NUUO NVRmini2 with firmware version 3.9.1 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-1058",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nvrmini2",
"scope": "lte",
"trust": 1.0,
"vendor": "nuuo",
"version": "3.9.1"
},
{
"model": "nvrmini 2",
"scope": "lte",
"trust": 0.8,
"vendor": "nuuo",
"version": "3.9.1"
},
{
"model": "nvrmini2",
"scope": "eq",
"trust": 0.6,
"vendor": "nuuo",
"version": "3.9.1"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012533"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-188"
},
{
"db": "NVD",
"id": "CVE-2018-19864"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:nuuo:nvrmini_2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012533"
}
]
},
"cve": "CVE-2018-19864",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19864",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-130566",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19864",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19864",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-19864",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-188",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-130566",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-19864",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130566"
},
{
"db": "VULMON",
"id": "CVE-2018-19864"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012533"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-188"
},
{
"db": "NVD",
"id": "CVE-2018-19864"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device. NUUO NVRmini2 Network Video Recorder The firmware contains a buffer error vulnerability and an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NUUO NVRMini2 is a small network DVR device from NUUO. There is a security vulnerability in NUUO NVRmini2 with firmware version 3.9.1 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19864"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012533"
},
{
"db": "VULHUB",
"id": "VHN-130566"
},
{
"db": "VULMON",
"id": "CVE-2018-19864"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-130566",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=46960",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130566"
},
{
"db": "VULMON",
"id": "CVE-2018-19864"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19864",
"trust": 2.6
},
{
"db": "PACKETSTORM",
"id": "153162",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012533",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-188",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-130566",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "46960",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-19864",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130566"
},
{
"db": "VULMON",
"id": "CVE-2018-19864"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012533"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-188"
},
{
"db": "NVD",
"id": "CVE-2018-19864"
}
]
},
"id": "VAR-201812-1058",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-130566"
}
],
"trust": 0.698015885
},
"last_update_date": "2024-11-23T22:37:57.147000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NUUO NVRMini 2",
"trust": 0.8,
"url": "https://www.nuuo.com/DownloadMainpage.php"
},
{
"title": "CVE-2018-19864",
"trust": 0.1,
"url": "https://github.com/NotEth1calHack3r/CVE-2018-19864 "
},
{
"title": "CVE-POC",
"trust": 0.1,
"url": "https://github.com/0xT11/CVE-POC "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/PoC-in-GitHub "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-19864"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012533"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
},
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130566"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012533"
},
{
"db": "NVD",
"id": "CVE-2018-19864"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.digitaldefense.com/blog/zero-day-alerts/nuuo-firmware-disclosure/"
},
{
"trust": 1.8,
"url": "http://packetstormsecurity.com/files/153162/nuuo-nvrmini-2-3.9.1-stack-overflow.html"
},
{
"trust": 1.8,
"url": "https://www.nuuo.com/downloadmainpage.php"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19864"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19864"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://github.com/noteth1calhack3r/cve-2018-19864"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/46960"
},
{
"trust": 0.1,
"url": "https://github.com/nomi-sec/poc-in-github"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130566"
},
{
"db": "VULMON",
"id": "CVE-2018-19864"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012533"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-188"
},
{
"db": "NVD",
"id": "CVE-2018-19864"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-130566"
},
{
"db": "VULMON",
"id": "CVE-2018-19864"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012533"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-188"
},
{
"db": "NVD",
"id": "CVE-2018-19864"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-05T00:00:00",
"db": "VULHUB",
"id": "VHN-130566"
},
{
"date": "2018-12-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19864"
},
{
"date": "2019-02-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012533"
},
{
"date": "2018-12-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-188"
},
{
"date": "2018-12-05T11:29:05.937000",
"db": "NVD",
"id": "CVE-2018-19864"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-04T00:00:00",
"db": "VULHUB",
"id": "VHN-130566"
},
{
"date": "2019-06-04T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19864"
},
{
"date": "2019-02-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012533"
},
{
"date": "2019-06-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-188"
},
{
"date": "2024-11-21T03:58:42.880000",
"db": "NVD",
"id": "CVE-2018-19864"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-188"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NUUO NVRmini2 Network Video Recorder Firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012533"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-188"
}
],
"trust": 0.6
}
}
var-201809-0280
Vulnerability from variot
cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests. NUUO NVRMini2 Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NUUO is one of the monitoring solution providers, and NUUO NVRMini 2 is a NAS-enabled NVR solution. NUUO NVRMini2 has a remote code execution vulnerability. Due to program logic defects, the length of the HTTP header cookie field was not checked when processing the GET request of /cgi-bin/cgi_system and the sprintf function was used for splicing, resulting in a stack overflow. By constructing specially crafted data, an attacker can exploit this vulnerability to execute arbitrary commands on the target device. Failed exploit attempts may result in a denial-of-service condition. NVRmini2 and NVRsolo 3.8.0 and prior are vulnerable. NUUO NVRmini 2 is a video storage management device produced by American NUUO company. There is a security vulnerability in cgi_system in NUUO NVRMini 2 3.8.0 and earlier versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0280",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nvrmini2",
"scope": "lte",
"trust": 1.0,
"vendor": "nuuo",
"version": "3.8.0"
},
{
"model": "nvrmini 2",
"scope": "lte",
"trust": 0.8,
"vendor": "nuuo",
"version": "3.8.0"
},
{
"model": "nvrmini2",
"scope": "eq",
"trust": 0.6,
"vendor": "nuuo",
"version": "03.07.0000.0011"
},
{
"model": "nvrmini2",
"scope": "eq",
"trust": 0.6,
"vendor": "nuuo",
"version": "03.08.0000.0005"
},
{
"model": "nvrmini2",
"scope": "eq",
"trust": 0.6,
"vendor": "nuuo",
"version": "3.8.0"
},
{
"model": "nvrsolo",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "3.8"
},
{
"model": "nvrsolo",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "3.0"
},
{
"model": "nvrsolo",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "2.0"
},
{
"model": "nvrsolo",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "1.0"
},
{
"model": "nvrmini",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "23.8"
},
{
"model": "nvrmini",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "23.0"
},
{
"model": "nvrmini",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "22.0"
},
{
"model": "nvrmini",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "21.7.5"
},
{
"model": "nvrsolo",
"scope": "ne",
"trust": 0.3,
"vendor": "nuuo",
"version": "3.9.1"
},
{
"model": "nvrmini",
"scope": "ne",
"trust": 0.3,
"vendor": "nuuo",
"version": "23.9.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "nvrmini2",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2fb9481-39ab-11e9-880f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19317"
},
{
"db": "BID",
"id": "105720"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011477"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-862"
},
{
"db": "NVD",
"id": "CVE-2018-1149"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:nuuo:nvrmini_2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011477"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jacob Baines of Tenable",
"sources": [
{
"db": "BID",
"id": "105720"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1149",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-1149",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-19317",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2fb9481-39ab-11e9-880f-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-121354",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1149",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1149",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-1149",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-19317",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-862",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2fb9481-39ab-11e9-880f-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-121354",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-1149",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2fb9481-39ab-11e9-880f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19317"
},
{
"db": "VULHUB",
"id": "VHN-121354"
},
{
"db": "VULMON",
"id": "CVE-2018-1149"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011477"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-862"
},
{
"db": "NVD",
"id": "CVE-2018-1149"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cgi_system in NUUO\u0027s NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests. NUUO NVRMini2 Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NUUO is one of the monitoring solution providers, and NUUO NVRMini 2 is a NAS-enabled NVR solution. NUUO NVRMini2 has a remote code execution vulnerability. Due to program logic defects, the length of the HTTP header cookie field was not checked when processing the GET request of /cgi-bin/cgi_system and the sprintf function was used for splicing, resulting in a stack overflow. By constructing specially crafted data, an attacker can exploit this vulnerability to execute arbitrary commands on the target device. Failed exploit attempts may result in a denial-of-service condition. \nNVRmini2 and NVRsolo 3.8.0 and prior are vulnerable. NUUO NVRmini 2 is a video storage management device produced by American NUUO company. There is a security vulnerability in cgi_system in NUUO NVRMini 2 3.8.0 and earlier versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1149"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011477"
},
{
"db": "CNVD",
"id": "CNVD-2018-19317"
},
{
"db": "BID",
"id": "105720"
},
{
"db": "IVD",
"id": "e2fb9481-39ab-11e9-880f-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121354"
},
{
"db": "VULMON",
"id": "CVE-2018-1149"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1149",
"trust": 3.7
},
{
"db": "TENABLE",
"id": "TRA-2018-25",
"trust": 2.4
},
{
"db": "BID",
"id": "105720",
"trust": 1.5
},
{
"db": "ICS CERT",
"id": "ICSA-18-284-01",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-201809-862",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-19317",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011477",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2FB9481-39AB-11E9-880F-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121354",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-1149",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2fb9481-39ab-11e9-880f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19317"
},
{
"db": "VULHUB",
"id": "VHN-121354"
},
{
"db": "VULMON",
"id": "CVE-2018-1149"
},
{
"db": "BID",
"id": "105720"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011477"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-862"
},
{
"db": "NVD",
"id": "CVE-2018-1149"
}
]
},
"id": "VAR-201809-0280",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2fb9481-39ab-11e9-880f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19317"
},
{
"db": "VULHUB",
"id": "VHN-121354"
}
],
"trust": 1.498015885
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2fb9481-39ab-11e9-880f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19317"
}
]
},
"last_update_date": "2024-11-23T22:12:21.206000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NUUO version 3.9.1 Release date_2018.09",
"trust": 0.8,
"url": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf"
},
{
"title": "NUUO NVRMini 2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84988"
},
{
"title": "Exp101tsArchiv30thers",
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/Exp101tsArchiv30thers "
},
{
"title": "awesome-cve-poc_qazbnm456",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/critical-rce-peekaboo-bug-in-nvr-surveillance-system-poc-available/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-1149"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011477"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-862"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121354"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011477"
},
{
"db": "NVD",
"id": "CVE-2018-1149"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.tenable.com/security/research/tra-2018-25"
},
{
"trust": 2.4,
"url": "https://github.com/tenable/poc/tree/master/nuuo/nvrmini2"
},
{
"trust": 1.8,
"url": "https://www.nuuo.com/backend/ckedit/upload/files/nuuo_nvrsolo_v3_9_1_release%20note.pdf"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/105720"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-284-01"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1149"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1149"
},
{
"trust": 0.3,
"url": "http://www.nuuo.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19317"
},
{
"db": "VULHUB",
"id": "VHN-121354"
},
{
"db": "VULMON",
"id": "CVE-2018-1149"
},
{
"db": "BID",
"id": "105720"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011477"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-862"
},
{
"db": "NVD",
"id": "CVE-2018-1149"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2fb9481-39ab-11e9-880f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19317"
},
{
"db": "VULHUB",
"id": "VHN-121354"
},
{
"db": "VULMON",
"id": "CVE-2018-1149"
},
{
"db": "BID",
"id": "105720"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011477"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-862"
},
{
"db": "NVD",
"id": "CVE-2018-1149"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-19T00:00:00",
"db": "IVD",
"id": "e2fb9481-39ab-11e9-880f-000c29342cb1"
},
{
"date": "2018-09-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19317"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-121354"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-1149"
},
{
"date": "2018-10-11T00:00:00",
"db": "BID",
"id": "105720"
},
{
"date": "2019-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011477"
},
{
"date": "2018-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-862"
},
{
"date": "2018-09-19T15:29:06.063000",
"db": "NVD",
"id": "CVE-2018-1149"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19317"
},
{
"date": "2018-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-121354"
},
{
"date": "2018-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-1149"
},
{
"date": "2018-10-11T00:00:00",
"db": "BID",
"id": "105720"
},
{
"date": "2019-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011477"
},
{
"date": "2018-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-862"
},
{
"date": "2024-11-21T03:59:17.307000",
"db": "NVD",
"id": "CVE-2018-1149"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-862"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NUUO NVRMini2 Remote code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "e2fb9481-39ab-11e9-880f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19317"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "e2fb9481-39ab-11e9-880f-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-862"
}
],
"trust": 0.8
}
}
var-201809-0281
Vulnerability from variot
NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists. NUUO NVRMini2 Contains vulnerabilities related to security features.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NUUO is one of the monitoring solution providers, and NUUO NVRMini 2 is a NAS-enabled NVR solution. There is a backdoor vulnerability in NUUO NVRMini2. When the target device file system has a specific file /tmp/moses/, the backdoor will be opened, and any unauthorized user can obtain the user list of the non-admin user and change the password by using the API to implement the takeover of the NVR device. An attacker can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. NVRmini2 and NVRsolo 3.8.0 and prior are vulnerable. NUUO NVRmini 2 is a video storage management device produced by American NUUO company. There is a security vulnerability in NUUO NVRMini 2 3.8.0 and earlier versions, which is caused by the backdoor in the program
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0281",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nvrmini2",
"scope": "lte",
"trust": 1.0,
"vendor": "nuuo",
"version": "3.8.0"
},
{
"model": "nvrmini 2",
"scope": "lte",
"trust": 0.8,
"vendor": "nuuo",
"version": "3.8.0"
},
{
"model": "nvrmini2",
"scope": "eq",
"trust": 0.6,
"vendor": "nuuo",
"version": "03.07.0000.0011"
},
{
"model": "nvrmini2",
"scope": "eq",
"trust": 0.6,
"vendor": "nuuo",
"version": "03.08.0000.0005"
},
{
"model": "nvrmini2",
"scope": "eq",
"trust": 0.6,
"vendor": "nuuo",
"version": "3.8.0"
},
{
"model": "nvrsolo",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "3.8"
},
{
"model": "nvrsolo",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "3.0"
},
{
"model": "nvrsolo",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "2.0"
},
{
"model": "nvrsolo",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "1.0"
},
{
"model": "nvrmini",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "23.8"
},
{
"model": "nvrmini",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "23.0"
},
{
"model": "nvrmini",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "22.0"
},
{
"model": "nvrmini",
"scope": "eq",
"trust": 0.3,
"vendor": "nuuo",
"version": "21.7.5"
},
{
"model": "nvrsolo",
"scope": "ne",
"trust": 0.3,
"vendor": "nuuo",
"version": "3.9.1"
},
{
"model": "nvrmini",
"scope": "ne",
"trust": 0.3,
"vendor": "nuuo",
"version": "23.9.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "nvrmini2",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2fb9480-39ab-11e9-9752-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19318"
},
{
"db": "BID",
"id": "105720"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011478"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-863"
},
{
"db": "NVD",
"id": "CVE-2018-1150"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:nuuo:nvrmini_2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011478"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jacob Baines of Tenable",
"sources": [
{
"db": "BID",
"id": "105720"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1150",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-1150",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-19318",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "e2fb9480-39ab-11e9-9752-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-121365",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1150",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1150",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-1150",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-19318",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-863",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2fb9480-39ab-11e9-9752-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121365",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-1150",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2fb9480-39ab-11e9-9752-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19318"
},
{
"db": "VULHUB",
"id": "VHN-121365"
},
{
"db": "VULMON",
"id": "CVE-2018-1150"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011478"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-863"
},
{
"db": "NVD",
"id": "CVE-2018-1150"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NUUO\u0027s NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists. NUUO NVRMini2 Contains vulnerabilities related to security features.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NUUO is one of the monitoring solution providers, and NUUO NVRMini 2 is a NAS-enabled NVR solution. There is a backdoor vulnerability in NUUO NVRMini2. When the target device file system has a specific file /tmp/moses/, the backdoor will be opened, and any unauthorized user can obtain the user list of the non-admin user and change the password by using the API to implement the takeover of the NVR device. \nAn attacker can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. \nNVRmini2 and NVRsolo 3.8.0 and prior are vulnerable. NUUO NVRmini 2 is a video storage management device produced by American NUUO company. There is a security vulnerability in NUUO NVRMini 2 3.8.0 and earlier versions, which is caused by the backdoor in the program",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1150"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011478"
},
{
"db": "CNVD",
"id": "CNVD-2018-19318"
},
{
"db": "BID",
"id": "105720"
},
{
"db": "IVD",
"id": "e2fb9480-39ab-11e9-9752-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121365"
},
{
"db": "VULMON",
"id": "CVE-2018-1150"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1150",
"trust": 3.7
},
{
"db": "TENABLE",
"id": "TRA-2018-25",
"trust": 2.4
},
{
"db": "BID",
"id": "105720",
"trust": 2.1
},
{
"db": "ICS CERT",
"id": "ICSA-18-284-01",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-201809-863",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-19318",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011478",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2FB9480-39AB-11E9-9752-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121365",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-1150",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2fb9480-39ab-11e9-9752-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19318"
},
{
"db": "VULHUB",
"id": "VHN-121365"
},
{
"db": "VULMON",
"id": "CVE-2018-1150"
},
{
"db": "BID",
"id": "105720"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011478"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-863"
},
{
"db": "NVD",
"id": "CVE-2018-1150"
}
]
},
"id": "VAR-201809-0281",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2fb9480-39ab-11e9-9752-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19318"
},
{
"db": "VULHUB",
"id": "VHN-121365"
}
],
"trust": 1.498015885
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2fb9480-39ab-11e9-9752-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19318"
}
]
},
"last_update_date": "2024-11-23T22:12:21.163000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NUUO version 3.9.1 Release date_2018.09",
"trust": 0.8,
"url": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf"
},
{
"title": "NUUO NVRmini 2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84989"
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-1150"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011478"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-863"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121365"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011478"
},
{
"db": "NVD",
"id": "CVE-2018-1150"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.tenable.com/security/research/tra-2018-25"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/105720"
},
{
"trust": 1.8,
"url": "https://www.nuuo.com/backend/ckedit/upload/files/nuuo_nvrsolo_v3_9_1_release%20note.pdf"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-284-01"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1150"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1150"
},
{
"trust": 0.6,
"url": "https://github.com/tenable/poc/tree/master/nuuo/nvrmini2"
},
{
"trust": 0.3,
"url": "http://www.nuuo.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19318"
},
{
"db": "VULHUB",
"id": "VHN-121365"
},
{
"db": "VULMON",
"id": "CVE-2018-1150"
},
{
"db": "BID",
"id": "105720"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011478"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-863"
},
{
"db": "NVD",
"id": "CVE-2018-1150"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2fb9480-39ab-11e9-9752-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-19318"
},
{
"db": "VULHUB",
"id": "VHN-121365"
},
{
"db": "VULMON",
"id": "CVE-2018-1150"
},
{
"db": "BID",
"id": "105720"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011478"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-863"
},
{
"db": "NVD",
"id": "CVE-2018-1150"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-19T00:00:00",
"db": "IVD",
"id": "e2fb9480-39ab-11e9-9752-000c29342cb1"
},
{
"date": "2018-09-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19318"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-121365"
},
{
"date": "2018-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-1150"
},
{
"date": "2018-10-11T00:00:00",
"db": "BID",
"id": "105720"
},
{
"date": "2019-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011478"
},
{
"date": "2018-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-863"
},
{
"date": "2018-09-19T15:29:06.280000",
"db": "NVD",
"id": "CVE-2018-1150"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19318"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-121365"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-1150"
},
{
"date": "2018-10-11T00:00:00",
"db": "BID",
"id": "105720"
},
{
"date": "2019-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011478"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-863"
},
{
"date": "2024-11-21T03:59:17.417000",
"db": "NVD",
"id": "CVE-2018-1150"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-863"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NUUO NVRMini2 Vulnerabilities related to security functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011478"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-863"
}
],
"trust": 0.6
}
}
var-202201-2026
Vulnerability from variot
NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is possible to overwrite arbitrary files under the web root and achieve code execution as root. NUUO NVRmini2 There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NUUO NVRMini2 is a small network hard disk video recorder device from Taiwan NUUO company
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-2026",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nvrmini2",
"scope": "lte",
"trust": 1.0,
"vendor": "nuuo",
"version": "3.11.0"
},
{
"model": "nvrmini 2",
"scope": "eq",
"trust": 0.8,
"vendor": "nuuo",
"version": null
},
{
"model": "nvrmini 2",
"scope": "eq",
"trust": 0.8,
"vendor": "nuuo",
"version": "nuuo nvrmini 2 firmware 3.11 to"
},
{
"model": "nvrmini2",
"scope": "lt",
"trust": 0.6,
"vendor": "nuuo",
"version": "03.11.0000.0005"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70105"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003358"
},
{
"db": "NVD",
"id": "CVE-2022-23227"
}
]
},
"cve": "CVE-2022-23227",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2022-23227",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-70105",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2022-23227",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-23227",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-23227",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2022-23227",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2022-70105",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202201-1329",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2022-23227",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70105"
},
{
"db": "VULMON",
"id": "CVE-2022-23227"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003358"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1329"
},
{
"db": "NVD",
"id": "CVE-2022-23227"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is possible to overwrite arbitrary files under the web root and achieve code execution as root. NUUO NVRmini2 There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NUUO NVRMini2 is a small network hard disk video recorder device from Taiwan NUUO company",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-23227"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003358"
},
{
"db": "CNVD",
"id": "CNVD-2022-70105"
},
{
"db": "VULMON",
"id": "CVE-2022-23227"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-23227",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003358",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-70105",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1329",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-23227",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70105"
},
{
"db": "VULMON",
"id": "CVE-2022-23227"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003358"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1329"
},
{
"db": "NVD",
"id": "CVE-2022-23227"
}
]
},
"id": "VAR-202201-2026",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70105"
}
],
"trust": 1.198015885
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70105"
}
]
},
"last_update_date": "2024-11-23T22:32:56.965000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "https://www.nuuo.com/"
},
{
"title": "Patch for NUUO NVRmini2 Authorization Issue Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/358241"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-RCE "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70105"
},
{
"db": "VULMON",
"id": "CVE-2022-23227"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003358"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for critical features (CWE-306) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-003358"
},
{
"db": "NVD",
"id": "CVE-2022-23227"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://portswigger.net/daily-swig/researcher-discloses-alleged-zero-day-vulnerabilities-in-nuuo-nvrmini2-recording-device"
},
{
"trust": 2.5,
"url": "https://github.com/pedrib/poc/blob/master/advisories/nuuo/nuuo_nvrmini_round2.mkd"
},
{
"trust": 2.5,
"url": "https://github.com/rapid7/metasploit-framework/pull/16044"
},
{
"trust": 1.7,
"url": "https://news.ycombinator.com/item?id=29936569"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23227"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/306.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70105"
},
{
"db": "VULMON",
"id": "CVE-2022-23227"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003358"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1329"
},
{
"db": "NVD",
"id": "CVE-2022-23227"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-70105"
},
{
"db": "VULMON",
"id": "CVE-2022-23227"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003358"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1329"
},
{
"db": "NVD",
"id": "CVE-2022-23227"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-70105"
},
{
"date": "2022-01-14T00:00:00",
"db": "VULMON",
"id": "CVE-2022-23227"
},
{
"date": "2023-02-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-003358"
},
{
"date": "2022-01-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-1329"
},
{
"date": "2022-01-14T18:15:10.303000",
"db": "NVD",
"id": "CVE-2022-23227"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-70105"
},
{
"date": "2022-01-21T00:00:00",
"db": "VULMON",
"id": "CVE-2022-23227"
},
{
"date": "2023-02-15T07:43:00",
"db": "JVNDB",
"id": "JVNDB-2022-003358"
},
{
"date": "2022-01-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-1329"
},
{
"date": "2024-11-21T06:48:13.770000",
"db": "NVD",
"id": "CVE-2022-23227"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NUUO\u00a0NVRmini2\u00a0 Vulnerability regarding lack of authentication for critical features in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-003358"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1329"
}
],
"trust": 0.6
}
}
Vulnerability from fkie_nvd
Published
2022-01-14 18:15
Modified
2025-01-03 02:00
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is possible to overwrite arbitrary files under the web root and achieve code execution as root.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nuuo | nvrmini2_firmware | * | |
| nuuo | nvrmini2 | - |
{
"cisaActionDue": "2025-01-08",
"cisaExploitAdd": "2024-12-18",
"cisaRequiredAction": "The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.",
"cisaVulnerabilityName": "NUUO NVRmini2 Devices Missing Authentication Vulnerability ",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nuuo:nvrmini2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "472067E2-1E5F-4E94-86DD-0AFFA875579B",
"versionEndIncluding": "3.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nuuo:nvrmini2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1532E39C-AADF-458F-9E21-C47197D1CB27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is possible to overwrite arbitrary files under the web root and achieve code execution as root."
},
{
"lang": "es",
"value": "NUUO NVRmini2 versiones hasta 3.11, permite a un atacante no autenticado subir un archivo TAR encriptado, que puede ser abusado para a\u00f1adir usuarios arbitrarios debido a la falta de autenticaci\u00f3n del archivo handle_import_user.php. Cuando es combinado con otro fallo (CVE-2011-5325), es posible sobrescribir archivos arbitrarios bajo el root de la web y lograr la ejecuci\u00f3n de c\u00f3digo como root"
}
],
"id": "CVE-2022-23227",
"lastModified": "2025-01-03T02:00:01.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-01-14T18:15:10.303",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/pedrib/PoC/blob/master/advisories/NUUO/nuuo_nvrmini_round2.mkd"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/16044"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://news.ycombinator.com/item?id=29936569"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://portswigger.net/daily-swig/researcher-discloses-alleged-zero-day-vulnerabilities-in-nuuo-nvrmini2-recording-device"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/pedrib/PoC/blob/master/advisories/NUUO/nuuo_nvrmini_round2.mkd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/16044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://news.ycombinator.com/item?id=29936569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://portswigger.net/daily-swig/researcher-discloses-alleged-zero-day-vulnerabilities-in-nuuo-nvrmini2-recording-device"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-19 15:29
Modified
2024-11-21 03:59
Severity ?
Summary
NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | http://www.securityfocus.com/bid/105720 | Third Party Advisory, VDB Entry | |
| vulnreport@tenable.com | https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf | Release Notes, Vendor Advisory | |
| vulnreport@tenable.com | https://www.tenable.com/security/research/tra-2018-25 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105720 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/research/tra-2018-25 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nuuo | nvrmini2_firmware | * | |
| nuuo | nvrmini2 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nuuo:nvrmini2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0B006A-768C-462D-A204-516126B60D41",
"versionEndIncluding": "3.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nuuo:nvrmini2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1532E39C-AADF-458F-9E21-C47197D1CB27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NUUO\u0027s NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists."
},
{
"lang": "es",
"value": "NVRMini2 en versiones 3.8.0 y anteriores de NUUO contiene una puerta trasera que permitir\u00eda que un atacante remoto no autenticado controle cuentas de usuario si existe el archivo /tmp/moses."
}
],
"id": "CVE-2018-1150",
"lastModified": "2024-11-21T03:59:17.417",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-19T15:29:06.280",
"references": [
{
"source": "vulnreport@tenable.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105720"
},
{
"source": "vulnreport@tenable.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf"
},
{
"source": "vulnreport@tenable.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2018-25"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2018-25"
}
],
"sourceIdentifier": "vulnreport@tenable.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-19 15:29
Modified
2024-11-21 03:59
Severity ?
Summary
cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | http://www.securityfocus.com/bid/105720 | Third Party Advisory, VDB Entry | |
| vulnreport@tenable.com | https://github.com/tenable/poc/tree/master/nuuo/nvrmini2 | Exploit, Third Party Advisory | |
| vulnreport@tenable.com | https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf | Vendor Advisory | |
| vulnreport@tenable.com | https://www.tenable.com/security/research/tra-2018-25 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105720 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/tenable/poc/tree/master/nuuo/nvrmini2 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/research/tra-2018-25 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nuuo | nvrmini2_firmware | * | |
| nuuo | nvrmini2 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nuuo:nvrmini2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0B006A-768C-462D-A204-516126B60D41",
"versionEndIncluding": "3.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nuuo:nvrmini2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1532E39C-AADF-458F-9E21-C47197D1CB27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "cgi_system in NUUO\u0027s NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests."
},
{
"lang": "es",
"value": "cgi_system en NVRMini2 en versiones 3.8.0 y anteriores de NUUO permite que los atacantes remotos ejecuten c\u00f3digo arbitrario mediante peticiones HTTP manipuladas"
}
],
"id": "CVE-2018-1149",
"lastModified": "2024-11-21T03:59:17.307",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-19T15:29:06.063",
"references": [
{
"source": "vulnreport@tenable.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105720"
},
{
"source": "vulnreport@tenable.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/tenable/poc/tree/master/nuuo/nvrmini2"
},
{
"source": "vulnreport@tenable.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf"
},
{
"source": "vulnreport@tenable.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2018-25"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/tenable/poc/tree/master/nuuo/nvrmini2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2018-25"
}
],
"sourceIdentifier": "vulnreport@tenable.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}