Filtered by vendor Nuuo
Subscribe
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-17892 | 1 Nuuo | 1 Nuuo Cms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| NUUO CMS all versions 3.1 and prior, The application implements a method of user account control that causes standard account security features to not be utilized as intended, which could allow user account compromise and may allow for remote code execution. | |||||
| CVE-2018-17890 | 1 Nuuo | 1 Nuuo Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow arbitrary code execution. | |||||
| CVE-2018-17888 | 1 Nuuo | 1 Nuuo Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution. | |||||
| CVE-2018-15716 | 1 Nuuo | 5 Ne-2020, Ne-2040, Ne-4080 and 2 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root. | |||||
| CVE-2018-11523 | 1 Nuuo | 2 Nvrmini 2, Nvrmini 2 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files. | |||||
| CVE-2016-6553 | 1 Nuuo | 2 Nt-4040 Titan, Nt-4040 Titan Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses non-random default credentials of: admin:admin and localdisplay:111111. A remote network attacker can gain privileged access to a vulnerable device. | |||||