CVE-2018-17936

CRITICAL

NUUO CMS < 3.3 - Unauthenticated Arbitrary File Upload and Remote Code Execution

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-17936. PoCs published by Pedro Ribeiro, including Metasploit module exploits/windows/nuuo/nuuo_cms_fu.

AI-analyzed exploit summary: This Metasploit module exploits an authenticated arbitrary file upload vulnerability in Nuuo Central Management Server (CMS) via directory traversal in the COMMITCONFIG verb. It overwrites LicenseTool.dll with a malicious payload to achieve remote code execution and includes cleanup logic to restore the original file.

Description

In NUUO CMS, all versions 3.3 and prior, the application allows the upload to the server of arbitrary files that can modify or overwrite configuration files, which could allow remote code execution.

Exploits (1)

metasploit · WORKING POC · MANUAL
by Pedro Ribeiro · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/nuuo/nuuo_cms_fu.rb

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Nuuo Central Management Server <= v2.4.0
Auth required
Prerequisites: Valid credentials or session ID · Network access to the Nuuo CMS server
devstral-2 · analyzed Feb 16, 2026

References (1)

Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02

Scores

CVSS v3 9.8
EPSS 0.1531
EPSS Percentile 96.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE CWE-434
Status published
Products (1)
nuuo/nuuo_cms < 3.3
Published Nov 27, 2018
Tracked Since Feb 18, 2026