CVE-2016-5674

CRITICAL EXPLOITED NUCLEI

NUUO NVRmini <3.0.0 - RCE

Title source: llm

Description

__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter.

Exploits (2)

exploitdb WORKING POC
by Pedro Ribeiro · text · remote · hardware
https://www.exploit-db.com/exploits/40200
metasploit WORKING POC EXCELLENT
ruby · poc · unix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/nuuo_nvrmini_unauth_rce.rb

Nuclei Templates (1)

NUUO NVR camera `debugging_center_utils_.php` - Command Execution
CRITICAL · VERIFIED · by DhiyaneshDK
FOFA: app="NUUO-NVRmini" || app="NUUO-NVR" || title="Network Video Recorder Login" || app="nuuo-nvrmini" || app="nuuo-nvr" || title="network video recorder login"

Scores

CVSS v3 9.8
EPSS 0.8938
EPSS Percentile 99.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2022-04-01
CWE CWE-20
Status published
Products (24)
netgear/readynas_surveillance 1.1.1
netgear/readynas_surveillance 1.1.2
netgear/readynas_surveillance 1.2.0.4
netgear/readynas_surveillance 1.3.2.4
netgear/readynas_surveillance 1.3.2.14
netgear/readynas_surveillance 1.4.0
netgear/readynas_surveillance 1.4.1
netgear/readynas_surveillance 1.4.2
nuuo/nvrmini_2 1.7.5
nuuo/nvrmini_2 1.7.6
... and 14 more
Published Aug 31, 2016
Tracked Since Feb 18, 2026