THREATOPS
THREAT OPSCVEs › CVE-2018-14933

CVE-2018-14933 — NUUO NVRmini Devices OS Command Injection Vulnerability

CISA KEVExploited: confirmedNUUO

NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.

Vulnerability details