Arbitrary PHP Code Execution in NUUO NVRmini 2, NUUO NVRsolo, and NETGEAR ReadyNAS Surveillance

Arbitrary PHP Code Execution in NUUO NVRmini 2, NUUO NVRsolo, and NETGEAR ReadyNAS Surveillance

CVE-2016-5674 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter.

Learn more about our Web Application Penetration Testing UK.