Nuuo Nvrmini2 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Nuuo Nvrmini2 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2018-1149 — CVSS 9.8 (critical): cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests.
CVE-2018-19864 — CVSS 9.8 (critical): NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2018-15716 — CVSS 8.8 (high): NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to…
CVE-2018-1150 — CVSS 7.3 (high): NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the…