Arbitrary Command Execution in NUUO Network Video Recorder Firmware

Arbitrary Command Execution in NUUO Network Video Recorder Firmware

CVE-2019-9653 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to execute arbitrary commands via shell metacharacters to handle_load_config.php.

Learn more about our Network Penetration Testing.