Arbitrary Code Execution Vulnerability in NUUO NVRmini 2 and NETGEAR ReadyNAS Surveillance

Arbitrary Code Execution Vulnerability in NUUO NVRmini 2 and NETGEAR ReadyNAS Surveillance

CVE-2016-5680 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn parameter to the transfer_license command.

Learn more about our User Device Pen Test.