EIP-2026-110000

PRE-CVE

NUUO NVRmini 2 3.0.8 - Multiple OS Command Injections

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-110000. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates multiple authenticated OS command injection vulnerabilities in NUUO NVRmini, NVRmini2, Crystal, NVRSolo, and NVRTitan devices. The PoC includes HTTP requests that inject arbitrary shell commands via parameters in `handle_iscsi.php` and `cgi_system` endpoints, executing as root.

Description

NUUO NVRmini 2 3.0.8 - Multiple OS Command Injections

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textwebappsphp

https://www.exploit-db.com/exploits/40212

View Code ZIP pw:eip

This exploit demonstrates multiple authenticated OS command injection vulnerabilities in NUUO NVRmini, NVRmini2, Crystal, NVRSolo, and NVRTitan devices. The PoC includes HTTP requests that inject arbitrary shell commands via parameters in `handle_iscsi.php` and `cgi_system` endpoints, executing as root.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: NUUO NVRmini, NVRmini2, Crystal, NVRSolo, NVRTitan (versions <=3.0.8, DP <=04.07.0000.0030, FW <=02.02.00)

Auth required

Prerequisites: Authenticated session (PHPSESSID cookie) · Network access to the target device

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1202 - Indirect Command Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026