Arbitrary Code Execution Vulnerability in NUUO's NVRMini2 3.8.0 and Below

Arbitrary Code Execution Vulnerability in NUUO's NVRMini2 3.8.0 and Below

CVE-2018-1149 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests.

Learn more about our Web Application Penetration Testing UK.