fkie_nvd - fkie_cve-2016-5675

fkie_cve-2016-5675

Vulnerability from fkie_nvd

Published

2016-08-31 15:59

Modified

2024-11-21 02:54

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter.

References

URL	Tags
cret@cert.org	http://www.kb.cert.org/vuls/id/856152	Third Party Advisory, US Government Resource
cret@cert.org	http://www.securityfocus.com/bid/92318
cret@cert.org	https://www.exploit-db.com/exploits/40200/
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/856152	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/92318
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/40200/

Impacted products

Vendor	Product	Version
netgear	readynas_surveillance	1.1.1
netgear	readynas_surveillance	1.1.2
netgear	readynas_surveillance	1.2.0.4
netgear	readynas_surveillance	1.3.2.4
netgear	readynas_surveillance	1.3.2.14
netgear	readynas_surveillance	1.4.0
netgear	readynas_surveillance	1.4.1
netgear	readynas_surveillance	1.4.2
nuuo	crystal	2.2.1
nuuo	crystal	3.0.0
nuuo	crystal	3.1.0
nuuo	crystal	3.2.0
nuuo	nvrsolo	1.0.0
nuuo	nvrsolo	1.0.1
nuuo	nvrsolo	1.1.0
nuuo	nvrsolo	1.1.0.117
nuuo	nvrsolo	1.1.1
nuuo	nvrsolo	1.1.2
nuuo	nvrsolo	1.2.0
nuuo	nvrsolo	1.3.0
nuuo	nvrsolo	1.75
nuuo	nvrsolo	2.0.0
nuuo	nvrsolo	2.0.1
nuuo	nvrsolo	2.1.5
nuuo	nvrsolo	2.2.2
nuuo	nvrsolo	2.3
nuuo	nvrsolo	2.3.1.20
nuuo	nvrsolo	2.3.7.9
nuuo	nvrsolo	2.3.7.10
nuuo	nvrsolo	2.3.9.6
nuuo	nvrsolo	3.0.0
nuuo	nvrmini_2	1.7.5
nuuo	nvrmini_2	1.7.6
nuuo	nvrmini_2	2.0.0
nuuo	nvrmini_2	2.2.1
nuuo	nvrmini_2	3.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9350713-FE2D-4E0B-9F8C-DC75D39DBE94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA1225D7-C268-4343-9988-7A75416B9860",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4596B86-FE04-4EF0-B2B0-DEA2F435FF19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "000CBDBE-2C3C-4502-86A7-C3D098DE3C5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.3.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FA3A6C7-3EB1-466F-A2A4-C221821D1811",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7D6B8FE-33D3-4080-BFF4-7EE8E2554CFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "44FC066D-B18D-4BC3-B43B-AA83EB186C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D335E352-75D8-4A05-A040-2543B2B016DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nuuo:crystal:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBF2E8FD-DD09-41C6-82C8-3B1AD60042A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nuuo:crystal:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "559B9A7D-34FA-4EF3-B7B2-B2115E2D732F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nuuo:crystal:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7336B11-E0A6-4F82-97B6-0765F9016C7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nuuo:crystal:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B387A683-6B92-4EE8-AB11-C6A8F6D1340C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825FB36D-A956-4C1A-8347-54847D2A165E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "786F893A-E3F2-4FC5-A43D-4812CCEF4C9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3CF36E-67F3-40B9-A5F2-64B0165CA6C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:1.1.0.117:*:*:*:*:*:*:*",
              "matchCriteriaId": "0796B887-E3B9-4A15-99E5-B1853E02D6EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BBFC870-408C-447D-B36F-0720074BAEF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "67ADE7D2-BEB9-4333-8211-CF8C84E85B25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24440F32-559E-407F-BC83-A272DEA20002",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6486CDA6-FEDD-4A3D-8123-0A1C71699FB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:1.75:*:*:*:*:*:*:*",
              "matchCriteriaId": "E652B5F9-1A30-4830-A6C3-666998D29225",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C09EB9FB-26CB-4A2D-9113-882D80BC9BBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D76A17A-872C-4281-8525-BA9388F181F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:2.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDEC215A-2E41-4CF6-BB86-BC472CDDC9AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF7E86B-2D6D-41B2-B676-D963FAF622A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C23EF235-9834-48E7-8B92-AE0EE0F461B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:2.3.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE643FA9-EF8E-43A3-8E0C-819EC434040F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:2.3.7.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "4347D1E4-E162-462E-9A30-2DF79A0010EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:2.3.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "20B9E362-D36F-49BC-B695-46796662A3F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:2.3.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "51998757-3AAB-40E4-BDAB-B027843F1DBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrsolo:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCF388E-9FBD-4A85-9BA6-0DF7C85632EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:nuuo:nvrmini_2:1.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F373AAC-B792-45AB-B4FE-37FC6A91DE7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrmini_2:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD02ABB-65FF-4F08-9C99-69BB03A2AE07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrmini_2:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "949274A8-E85A-4344-A4F2-2E038B877874",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrmini_2:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD3D600A-4E84-416C-BAAE-70684DCFD15E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:nuuo:nvrmini_2:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EA286A6-CCCD-419A-B9DC-10F4B59FF2FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter."
    },
    {
      "lang": "es",
      "value": "handle_daylightsaving.php en NUUO NVRmini 2 1.7.5 hasta la versi\u00f3n 3.0.0, NUUO NVRsolo 1.0.0 hasta la versi\u00f3n 3.0.0, NUUO Crystal 2.2.1 hasta la versi\u00f3n 3.2.0 y NETGEAR ReadyNAS Surveillance 1.1.1 hasta la versi\u00f3n 1.4.1 permite a atacantes remotos ejecutar c\u00f3digo PHP arbitrario a trav\u00e9s del par\u00e1metro NTPServer."
    }
  ],
  "id": "CVE-2016-5675",
  "lastModified": "2024-11-21T02:54:48.187",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-31T15:59:01.653",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/856152"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/92318"
    },
    {
      "source": "cret@cert.org",
      "url": "https://www.exploit-db.com/exploits/40200/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/856152"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/92318"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/40200/"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2016-5675

Vulnerability from cvelistv5

Published

2016-08-31 15:00

Modified

2024-08-06 01:07