CVE-2018-11523

Severity CVSS v4.0:
Pending analysis
Type:
CWE-434 Unrestricted Upload of File with Dangerous Type
Publication date:
29/05/2018
Last modified:
29/06/2018

Description

upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:nuuo:nvrmini_2_firmware:*:*:*:*:*:*:*:* 3.6.5 (including)
cpe:2.3:h:nuuo:nvrmini_2:-:*:*:*:*:*:*:*