CVE-2018-15716

Published November 30th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

HIGH

Affected

PROJECT

Description

NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.

tenable/poc

Proof of Concepts

GitHub

1.25K