Authenticated Remote Command Injection in NUUO NVRMini2 version 3.9.1
CVE-2018-15716 · HIGH Severity
AV:N/AC:L/AU:S/C:C/I:C/A:C
NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.
Learn more about our Web Application Penetration Testing UK.