Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-5674 PoC — 多款NUUO产品和NetGear产品安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2016/CVE-2016-5674.yaml
Associated Vulnerability
Title:多款NUUO产品和NetGear产品安全漏洞 (CVE-2016-5674)
Description:NUUO NVRsolo和NVRmini 2都是NUUO公司的网络视频录像机。NetGear ReadyNAS Surveillance是美国网件(NetGear)公司的一套整合了视频监控软件、存储、交换和网路管理的综合IP视频监控解决方案。 多款NUUO产品和NetGear产品中的__debugging_center_utils___.php文件存在安全漏洞。远程攻击者可借助‘log'参数利用该漏洞执行任意PHP代码。以下版本受到影响:NUUO NVRmini 2 1.7.5至3.0.0版本,NUUO
Description
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter.
File Snapshot

 id: CVE-2016-5674

info:
  name: NUUO NVR camera `debugging_center_utils_.php` - Command Execution
 

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.