← ExploitWatch
HomeExploited Vulnerabilities

CVE-2018-14933 — Actively Exploited: NVRmini Devices (NUUO)

NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.

CVE IDCVE-2018-14933
VendorNUUO
ProductNVRmini Devices
Vulnerability nameNUUO NVRmini Devices OS Command Injection Vulnerability
Date added2024-12-18
Remediation due2025-01-08
Known ransomware useUnknown
Required actionThe impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.
DescriptionNUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →