CVE-2018-14933 — Actively Exploited: NVRmini Devices (NUUO)
NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.
| CVE ID | CVE-2018-14933 |
|---|---|
| Vendor | NUUO |
| Product | NVRmini Devices |
| Vulnerability name | NUUO NVRmini Devices OS Command Injection Vulnerability |
| Date added | 2024-12-18 |
| Remediation due | 2025-01-08 |
| Known ransomware use | Unknown |
| Required action | The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product. |
| Description | NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →