Описание
NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists.
Ссылки
- Third Party AdvisoryVDB Entry
- Release NotesVendor Advisory
- ExploitThird Party Advisory
- Third Party AdvisoryVDB Entry
- Release NotesVendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.8.0 (включая)
Одновременно
cpe:2.3:o:nuuo:nvrmini2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nuuo:nvrmini2:-:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00635
Низкий
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.3
github
больше 3 лет назад
NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists.
EPSS
Процентиль: 70%
0.00635
Низкий
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo