Contact us

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries

Services

Services

Take me to HPE.com

HTTP: Nuuo Nvrmini2 Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Nuuo NVR Mini2. A successful attack can lead to Remote Code Execution.

Extended Description

cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests.

References

BugTraq: 105720

CVE: CVE-2018-1149

URL: https://www.nuuo.com/backend/CKEdit/upload/files/NUUO_NVRsolo_v3_9_1_Release%20note.pdf

Short Name

HTTP:MISC:NUUO-NVRMINI2-RCE

Severity

Major

Recommended

False

Recommended Action

Drop

Category

HTTP

Keywords

CVE-2018-1149 Code Execution Nuuo Nvrmini2 Remote bid:105720

Release Date

09/10/2019

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version

3415

False Positive

Unknown

CVSS Score

10.0