NUUO NVRmini Devices OS Command Injection Vulnerability
Details
CISA date
2024-12-18
Affected versions
NVRmini Devices
Summary
NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.
Remediation
The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.
Exploit info
No exploit-tagged NVD references in our cache; see the CISA KEV link below.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.